Hello,

I use Utorrent a lot with tons of different peers.

It is very annoying malwarebytes is giving every few seconds a notify that an IP has been blocked.

Those IP's on p2p are harmless. Is it not possible to exclude a program like Utorrent?





Best Regards

I'll take a look at those but P2P isn't blocked.

Those IP's are NOT safe.

http://hosts-file.net/?s=78.107.253.182
http://hosts-file.net/?s=94.102.146.42

They are both associated with active malware infections.

Regardless of any malware association, they can not seriously present a threat to uTorrent user. The user is after all downloading exactly what he/she intended (or so I hope), and the chances of uTorrent as a network client being used as a conduit for exploits is as far as I know non-existent.



I certainly hope the IP Protection feature is smart enough to distinguish connections from browsers and other clients. I certainly would be annoyet by this feature, as I tend to use P2P, and for example eMule with KAD (DHT) tend sto connect to wide range of IP addresses. It'd be silly to see warning for each connection to a client that resides in malware range as it presents no threat ...

The best suggestion would be to quickly disable IP blocking (with the click of a button) and allow the files to download. Then, re-enable it later.

lordpake,
Without packet sniffing and analysis, there's no way to determine the different types of connections. Packet sniffing and analysis is beyond the scope of an antimalware program.

Sadly this option is not an option to any real P2P user, who keeps the client running, for whatever reason, sharing whatever content. Which I'm afraid renders part of MBAM useless.

I, too, also receive this message today. I have uTorrent but it's not running. Does this IP belong to uTorrent? I ran quick scan from Anti-Malware and found nothing.

Does this message mean that the program blocks the IP from connecting to my PC or there is already a file infection on my PC that haven't deleted? Don't know how I get this infection in the first place.

Well, I add the firewall rule to Norton Internet Security 2009 to block communication from 94.102.146.40 - 94.102.146.47 to the top of the rule list, and I no longer receive popups from Anti-Malware. Is this the right approach or it's not needed?

The rule has been removed and an update for it will be released shortly.

The IP doesn't belong to uTorrent itself, but to one of it's users.

Thank you. I removed the firewall rule from NIS and updated database version to 2560 and still receive this popup minutes later. Is something on my PC that tries to connect to this site or vice versa? How do I track it down? uTorrent is definitely not running.

how do u do that
turn off

Just right click with your mouse on the malwarebytes icon in the systray (on the side of the clock).

Than press IP Protection so the V will be removed.

I'm a heavily P2P user and I'm only on private trackers so I know what I download. I hope there will be a fix for this prob

An update to correct this one will be out shortly.

Today I also had an IP-block warning. But I can't find a log of it. Is there a place I can look to see wich IP was blocked.

Thanks

C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

I disabled IP Protection, but when I restart, it is enabled again. How do I prevent this?

Currently you cannot stop that. We're working on some updates to the program and hopefully there will be an option in the near future.

These logs appear to be DBCS and are not easily viewed, at least as simple text files. I find it odd that they do not show up in the logs displayed by the program.

The next release version of the product is slated to have other choices and methods of using the IP Protection Module.
Hopefully it will be going into beta within the next week and depending on the results should then soon be out to release.