Jump to content

Malicious Website Blocked from Malware Bytes Antimalware??


freedomdwarf

Recommended Posts

Hi all,

 

My main PC crashed the other day when the PSU quite literally blew up in a fit of sparks and a cloud of smoke. Thankfully, no harm seems to have been done except an obviously dead PSU.

 

Anyways, I was busy setting up this laptop as a standby and something to play on when I go on holiday later in the year. Thing is, I hadn't installed uTorrent on it as I hadn't envisaged running torrents on it.

So, I grabbed the latest UT from its home site here (uTorrent v3.4.3 build 40298 Stable) and installed that one. I have downloaded about 2GB so far and all the while UT is running, my Malware bytes is constantly throwing up a "Malicious Website Blocked" error message showing all sorts of random IP addy's. When I say constant, I really do mean constantly, a non-stop stream of pop-up error messages - not even a half-second gap between each and every pop-up warning.

They are always from uTorrent.exe, always on port 0 and always outbound and not a repeat IP that I can remember (mind you, there are soo many of them in a non-stop stream it's hard to remember each and every one of them).

 

On my main PC that is now awaiting a new 1200W PSU when I can afford it, I never had this problem but I was always grabbing the latest 3.4x beta versions. This is probably the first time I've installed a 'stable' version since about 3.0 RC release.

 

Apart from the obvious hardware differences, this laptop and my main PC on the software front are pretty much Identical: XP SP3 (Corporate), The usual Ms Office 2010, Nero 2015, Malware Bytes etc etc etc. Always defragged and full threat scan every single night (always clean).

 

So what gives with all these constant IP addy's that are being reported as malicious???

Not a newbie to PC's (been using them since 1980) and laptops but it's the first time I've had such an abundance of constant outbound errors from UT (or anything else for that matter).

 

Any ideas guys??

 

Link to comment
Share on other sites

And what exactly is malwarebytes basing these blocks on?

I highly doubt it's actual packet inspection.

I'm betting it's just an overparanoid IP blocking system of similar effectiveness to peerblock (bordering on completely useless)

I have no idea what they use for criteria.

The same as I don't know what BitDefender uses either.

 

When you've used certain software for a few years and spent the first few months scrutinising the results it throws up as being kosher, you tend to trust it a bit. Obviously nothing is ever 100% perfect.

 

All I know is, my main PC (using UT beta versions) didn't do this but this 'stable' one does.

Link to comment
Share on other sites

  • 2 weeks later...

There might be a real problem here.

 

I got similar warnings from eset NOD32. uTorrent was definitely trying to connect to a dodgy http server.

 

NOD32 uses a black list. Evidently this forum engine uses a similar black list because my previous, more informative post on this topic earned me an auto-ban because I included the URL! I had to create a new account in order to make this post.

 

I found the URL-that-shall-not-be-named in the url-list section of the torrent file.

 

Please contact me via the email address in this account if possible. I can give you the torrent file, the virus scanner logs, etc.

 

I don't like to discuss security issues in public and I don't want to get banned again.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...