Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blocked Chinese IP's


  • Please log in to reply
19 replies to this topic

#1 garybear

garybear

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 30 January 2011 - 06:47 PM

Hello !!
I'm a brand new member on this forum and hope this is the right place to post this.
I have Avira free AV==Online armor firewall== and Malwarebytes Pro running in real time.
MBAM has a fairly new feature that blocks malicious websites before they get to your PC.
MBAM was blocking these IP's on my PC. I was getting 700+ malicious blocked incoming IP's in 24 hours.
I got tired of that crap and reported these to my ISP. My ISP stopped them and I'm no longer getting these.
If you are using MBAM and getting malicious incoming IP's report them to your ISP. If they won't help you stop them, report them to HomeLand Security. Here is a list of IP addresses that were scanning my ports looking for a way to hack and compromise my PC. I hope this helps some one here on the forum!!
221.192.199.48
221.192.199.46
221.192.199.49
58.218.250.115
222.186.13.212
125.45.109.166
218.9.25.30
113.105.157.122

Edited by boopme, 30 January 2011 - 11:19 PM.
Moved to appropriate forum


BC AdBot (Login to Remove)

 


#2 garybear

garybear
  • Topic Starter

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 31 January 2011 - 01:43 PM

Hello!!
It is very hard to attach jpg on this forum.
I want to show the hits I was taking and this is the only way I could find to post them.
I hope I'm not breaking any forum rules.
Thank you!!

http://forums.malwarebytes.org/lofiversion/index.php?t70747.html

I was a member on the IObit forum for two years and was banned for exposing their software for terrible memory leaks.
I believe this is their answer for exposing them.

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,062 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:09 PM

Posted 01 February 2011 - 01:38 PM

So are you just providing information about your experience or are you in need of further assistance?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 garybear

garybear
  • Topic Starter

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 01 February 2011 - 02:37 PM

So are you just providing information about your experience or are you in need of further assistance?

Hello friend.
Thank you for your response friend. My intent was to inform members about the increasing attempt of the Chinese to scan for open ports for malicious reasons. It was my experience of 700+ attempts daily, until I notified my ISP.
I also sent a letter to HomeLand Security. If more people would do that, the Chinese might get the message that we won't put up with this behavior.
I'm as well protected as I know how to be and do not need further assistance, but your offer is very much appreciated my friend.
Thank you for your reply!! This seems like a very good place to find answers for just about every thing. I hope members will see my post and report this kind of behavior. Maybe we can't stop them, but maybe we can slow them down!!

#5 scratcher

scratcher

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:09 AM

Posted 18 February 2011 - 11:43 AM

I don't know whether this will be of any help to anyone reading this thread, or even whether it's relevant, but the COMODO FIREWALL has a Stealth Ports Wizard. Clicking on it brings up the option to:

"Block all incoming connections and make my ports stealth for everyone. Selecting this option will mean your computer's ports will be invisible to all networks and the Firewall will block all incoming connections. The average user will find this option the most convenient and secure."

Being an "average user" I selected this option and don't know whether it's doing anything but I haven't seen any Chinese around here.

:busy:

* HP Pavilion dv7 *  2.20 gigahertz AMD Phenom II N850 Triple-Core *  4.0 GB RAM  *  Windows 7 Home Premium (x64) *   Firefox 3.6.17 * Thunderbird 3.1.11 *  Comodo Firewall  *  Malwarebytes' Anti-Malware 1.50.1 Pro *  avast! Free Anti-Virus 2014.9.0.2007  *  Erunt  *


#6 garybear

garybear
  • Topic Starter

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 18 February 2011 - 01:37 PM

I don't know whether this will be of any help to anyone reading this thread, or even whether it's relevant, but the COMODO FIREWALL has a Stealth Ports Wizard. Clicking on it brings up the option to:

"Block all incoming connections and make my ports stealth for everyone. Selecting this option will mean your computer's ports will be invisible to all networks and the Firewall will block all incoming connections. The average user will find this option the most convenient and secure."

Being an "average user" I selected this option and don't know whether it's doing anything but I haven't seen any Chinese around here.

:busy:

Hello friend!! Thanks for your reply. I would say I'm a little above "average user", but not very much. I have Avira Free AV =Online Armor firewall Free = and I run Malwarebytes Pro in real time. I have a dynamic IP address, so each time I connect to the internet, I get a different IP address.
Most of the time I never see any Chinamen either, and when I do a new IP stops their hacking attempts. I have tried to report this behavior to my ISP and also Home Land Security. They don't seem very interested. I guess we owe the Chinese to much money and we don't want to upset them :crazy:. I have given up getting any thing done about this and I just get a different IP when they start scanning my ports. It's a real shame we have to put up with this crap, but that's the internet.
My ports all report being Stealth when I test them with Gibson Research Center, so I'm not that worried, just the aggravation of them trying to hack me. The only way I know they are scanning my PC is because Malwarebytes makes a log. I let it go for 24 hours one time and had over 700 attempts.That's when I got angry, but no one cares, so I just ignore them and change my IP address.
Thank you for your reply friend! Maybe some day someone will get interested and stop this behavior, but I'm not holding my breath.

#7 scratcher

scratcher

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:09 AM

Posted 18 February 2011 - 07:54 PM

Thank you. Yes, I can understand how the whole situation must be intensely irritating. Happily, I'm still in a state of innocence as I only installed MBAM Pro a few hours ago and haven't yet discovered the log you mention. I now begin to think that life may prove less stressful if I don't discover it since, as you've shown, there's not much to be done about those pesky Chinese anyway.

* HP Pavilion dv7 *  2.20 gigahertz AMD Phenom II N850 Triple-Core *  4.0 GB RAM  *  Windows 7 Home Premium (x64) *   Firefox 3.6.17 * Thunderbird 3.1.11 *  Comodo Firewall  *  Malwarebytes' Anti-Malware 1.50.1 Pro *  avast! Free Anti-Virus 2014.9.0.2007  *  Erunt  *


#8 garybear

garybear
  • Topic Starter

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 18 February 2011 - 09:02 PM

Thank you. Yes, I can understand how the whole situation must be intensely irritating. Happily, I'm still in a state of innocence as I only installed MBAM Pro a few hours ago and haven't yet discovered the log you mention. I now begin to think that life may prove less stressful if I don't discover it since, as you've shown, there's not much to be done about those pesky Chinamen anyway.

Hello friend!!
I was a member on IObit forum which has a Chinese Company (IObit 360.) We had a disagreement which lead to some very bad exchanges. This is how they retaliate. No one wants to believe me and I have stopped trying to expose their behavior on facebook. I decided to post here on BleepingComputer hoping to draw some attention here to the way they behave. I have been banned deleted and cussed out for posting these things, so I have to be very cautious.
Here is a MBAM log of their attempted attacks to find a open port for what I believe is for malicious reasons.
Thank you my friend for your post.
I'm very well protected from these attacks and have my OS backed up in three different places. When I see these attacks, I just change my IP address. I'm tired of trying to get some one to stop this as it seems hopeless. It seems that even Home Land Security could care less as I have written them a personal letter about this behavior. I mainly want to warn people and tell them their PC could be compromised by these Chinese hackers. If I can accomplish that, I will feel good about this. This logs shows that I allowed them to try for awhile, but changed my IP address and that stopped them. I think you can see this thread on Google (Blocked Chinese IP's) and that makes me very happy. PS Installing MBAM Pro is a very wise decision!

03:01:38 Owner MESSAGE Scheduled update executed successfully
03:01:38 Owner MESSAGE IP Protection stopped
03:01:54 Owner MESSAGE Database updated successfully
03:02:04 Owner MESSAGE IP Protection started successfully
04:34:25 Owner MESSAGE Protection started successfully
04:34:30 Owner MESSAGE IP Protection started successfully
08:01:37 Owner MESSAGE IP Protection stopped
08:01:37 Owner MESSAGE Scheduled update executed successfully
08:01:46 Owner MESSAGE Database updated successfully
08:01:53 Owner MESSAGE IP Protection started successfully
10:09:07 Owner MESSAGE Protection started successfully
10:09:13 Owner MESSAGE IP Protection started successfully
11:01:37 Owner MESSAGE Scheduled update executed successfully
11:01:37 Owner MESSAGE IP Protection stopped
11:01:46 Owner MESSAGE Database updated successfully
11:01:52 Owner MESSAGE IP Protection started successfully
11:05:07 Owner IP-BLOCK 221.192.199.46 (Type: incoming)
11:07:40 Owner IP-BLOCK 221.192.199.51 (Type: incoming)
11:12:36 Owner IP-BLOCK 221.192.199.46 (Type: incoming)
11:15:36 Owner IP-BLOCK 221.192.199.48 (Type: incoming)
11:16:16 Owner IP-BLOCK 222.186.13.212 (Type: incoming)
11:16:16 Owner IP-BLOCK 222.186.13.212 (Type: incoming)
11:16:22 Owner IP-BLOCK 221.192.199.46 (Type: incoming)
11:23:54 Owner IP-BLOCK 221.192.199.46 (Type: incoming)
11:26:50 Owner IP-BLOCK 221.192.199.51 (Type: incoming)
11:31:23 Owner IP-BLOCK 221.192.199.46 (Type: incoming)
11:33:41 Owner IP-BLOCK 222.186.13.212 (Type: incoming)
11:33:41 Owner IP-BLOCK 222.186.13.212 (Type: incoming)
11:36:29 Owner IP-BLOCK 221.192.199.51 (Type: incoming)
11:38:50 Owner IP-BLOCK 221.192.199.46 (Type: incoming)
11:41:10 Owner IP-BLOCK 221.192.199.51 (Type: incoming)
11:48:22 Owner IP-BLOCK 221.192.199.48 (Type: incoming)
11:53:34 Owner IP-BLOCK 222.186.13.212 (Type: incoming)
11:55:37 Owner IP-BLOCK 221.192.199.51 (Type: incoming)
11:57:46 Owner IP-BLOCK 221.192.199.46 (Type: incoming)
12:13:00 Owner IP-BLOCK 221.192.199.46 (Type: incoming)
12:13:08 Owner IP-BLOCK 222.186.13.212 (Type: incoming)
12:13:09 Owner IP-BLOCK 222.186.13.212 (Type: incoming)
12:28:40 Owner IP-BLOCK 221.192.199.48 (Type: incoming)
12:31:40 Owner IP-BLOCK 221.192.199.46 (Type: incoming)
12:35:21 Owner IP-BLOCK 221.192.199.46 (Type: incoming)
12:39:05 Owner IP-BLOCK 221.192.199.46 (Type: incoming)
12:55:35 Owner IP-BLOCK 221.192.199.48 (Type: incoming)
12:58:29 Owner IP-BLOCK 221.192.199.48 (Type: incoming)
13:01:30 Owner IP-BLOCK 221.192.199.48 (Type: incoming)
13:07:00 Owner IP-BLOCK 221.192.199.51 (Type: incoming)
13:07:30 Owner IP-BLOCK 221.192.199.48 (Type: incoming)
13:10:35 Owner IP-BLOCK 221.192.199.48 (Type: incoming)
13:11:08 Owner IP-BLOCK 222.186.13.212 (Type: incoming)
13:11:08 Owner IP-BLOCK 222.186.13.212 (Type: incoming)
13:11:08 Owner IP-BLOCK 222.186.13.212 (Type: incoming)
13:11:47 Owner IP-BLOCK 221.192.199.51 (Type: incoming)
13:13:27 Owner IP-BLOCK 221.192.199.48 (Type: incoming)
13:19:22 Owner IP-BLOCK 221.192.199.48 (Type: incoming)
13:19:51 Owner IP-BLOCK 221.192.199.46 (Type: incoming)
13:21:20 Owner IP-BLOCK 221.192.199.51 (Type: incoming)
13:27:29 Owner IP-BLOCK 221.192.199.46 (Type: incoming)
13:29:37 Owner IP-BLOCK 222.186.13.212 (Type: incoming)
13:29:37 Owner IP-BLOCK 222.186.13.212 (Type: incoming)
13:29:38 Owner IP-BLOCK 222.186.13.212 (Type: incoming)
15:15:00 Owner MESSAGE Scheduled scan executed successfully
16:01:41 Owner MESSAGE Scheduled update executed successfully
16:01:41 Owner MESSAGE IP Protection stopped
16:01:51 Owner MESSAGE Database updated successfully
16:02:00 Owner MESSAGE IP Protection started successfully
19:00:03 Owner ERROR Scheduled update failed: WinHttpSendRequest failed with error code 12007
19:00:04 Owner MESSAGE Protection started successfully
19:00:09 Owner MESSAGE IP Protection started successfully
20:01:43 Owner MESSAGE IP Protection stopped
20:01:43 Owner MESSAGE Scheduled update executed successfully
20:01:53 Owner MESSAGE Database updated successfully
20:01:59 Owner MESSAGE IP Protection started successfully
23:01:39 Owner MESSAGE Scheduled update executed successfully
23:01:39 Owner MESSAGE IP Protection stopped
23:01:50 Owner MESSAGE Database updated successfully
23:01:57 Owner MESSAGE IP Protection started successfully

#9 scratcher

scratcher

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:09 AM

Posted 18 February 2011 - 09:27 PM

Hi Garybear:

I've just taken a look at my log and there are no IP-BLOCKS listed but I'll keep an eye out for them. Still, it's nice to learn that you are so well-protected and that those sneaky Orientals aren't able to get at you.

* HP Pavilion dv7 *  2.20 gigahertz AMD Phenom II N850 Triple-Core *  4.0 GB RAM  *  Windows 7 Home Premium (x64) *   Firefox 3.6.17 * Thunderbird 3.1.11 *  Comodo Firewall  *  Malwarebytes' Anti-Malware 1.50.1 Pro *  avast! Free Anti-Virus 2014.9.0.2007  *  Erunt  *


#10 garybear

garybear
  • Topic Starter

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 18 February 2011 - 09:48 PM

Hi Garybear:

I've just taken a look at my log and there are no IP-BLOCKS listed but I'll keep an eye out for them. Still, it's nice to learn that you are so well-protected and that those sneaky Orientals aren't able to get at you.

Hello scratcher!
One word of advice my friend. Be careful with your posts and the way you describe the Chinese as it will cause you trouble, as I learned the hard way. They have no use for me as I exposed their software. They can only aggravate me as I'm well protected. I can restore my OS in less than an hour free of infections and any thing else they might do to me.
It's just a shame we have to put up with this behavior from China!!
Thanks for your reply my friend!! I have proved that they are targeting me, but no one cares except you and me friend.
I wish you the best!! PS I really doubt that you will see these Chinese IP's in your logs, but MBAM is the best Malware fighter you can get
Gary

#11 scratcher

scratcher

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:09 AM

Posted 18 February 2011 - 10:13 PM

Hi Garybear:

Yes, I feel much better now that MBAM is installed and it's good to hear that you have such a high opinion of it. I wasn't aware that it could be run along with AVAST and am happy to note that there haven't been any conflicts.

BTW - what is your opinion of their SMART DEFRAG 2.0? Is it a useful program or is there something better?

Cheers.

:busy:

* HP Pavilion dv7 *  2.20 gigahertz AMD Phenom II N850 Triple-Core *  4.0 GB RAM  *  Windows 7 Home Premium (x64) *   Firefox 3.6.17 * Thunderbird 3.1.11 *  Comodo Firewall  *  Malwarebytes' Anti-Malware 1.50.1 Pro *  avast! Free Anti-Virus 2014.9.0.2007  *  Erunt  *


#12 garybear

garybear
  • Topic Starter

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 18 February 2011 - 11:23 PM

Hi Garybear:

Yes, I feel much better now that MBAM is installed and it's good to hear that you have such a high opinion of it. I wasn't aware that it could be run along with AVAST and am happy to note that there haven't been any conflicts.

BTW - what is your opinion of their SMART DEFRAG 2.0? Is it a useful program or is there something better?

Cheers.

:busy:

Hello friend!! My opinion of Smart Defrag is that it's a Chinese software. I do not support a thief.
I use the Defrag that CCleaner offers.
Smart Defraf is in Beta at the moment. You can trust CCleaner. Down load The Piriform link!!

http://www.piriform.com/

#13 scratcher

scratcher

  • Members
  • 124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:09 AM

Posted 18 February 2011 - 11:35 PM

Hi Garybear:

I already have CCleaner and it doesn't defrag the drive. It just cleans out the junk. What do you use to defragment your drive? There are many defrag programs but I'm not convinced they all do a good job.

* HP Pavilion dv7 *  2.20 gigahertz AMD Phenom II N850 Triple-Core *  4.0 GB RAM  *  Windows 7 Home Premium (x64) *   Firefox 3.6.17 * Thunderbird 3.1.11 *  Comodo Firewall  *  Malwarebytes' Anti-Malware 1.50.1 Pro *  avast! Free Anti-Virus 2014.9.0.2007  *  Erunt  *


#14 garybear

garybear
  • Topic Starter

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 18 February 2011 - 11:52 PM

Hi Garybear:

I already have CCleaner and it doesn't defrag the drive. It just cleans out the junk. What do you use to defragment your drive? There are many defrag programs but I'm not convinced they all do a good job.

Hello friend!! Did you click on my link?? CCleaner has several software programs including A file recover program called Recura. Click the link I gave you friend. I think CCleaner has 4 software programs. They all are good!!

http://www.piriform.com/

Edited by garybear, 18 February 2011 - 11:53 PM.


#15 garybear

garybear
  • Topic Starter

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 PM

Posted 18 February 2011 - 11:58 PM

Hello Scratcher!!
It's this old man's bed time!! I will check this thread tomorrow.
I have a little puter knowledge and will share what I know, but I'm tired tonight.
I wish you good dreams my friend and happy down loading. :crazy:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users