hmmhello

False Positives with Utorrent Running?

3 posts in this topic

Wait....

Before you all say "torrenting is normally illegal stuff, yadda yadda" I am seeding Sabayon Linux, foobar, etc etc, nothing illegal. Secondly, this is a fresh install of less than 2 days and I have downloaded nothing fishy or visited any odd websites, so I am thinking this has to do with seeds.

*sorry if this is in the wrong place btw :)*

So, here's a basic log of what has been happening

10:01:02 linux MESSAGE Protection started successfully

10:01:06 linux MESSAGE IP Protection started successfully

10:01:55 linux IP-BLOCK 117.200.241.124

10:02:06 linux IP-BLOCK 212.117.173.187

10:02:26 linux IP-BLOCK 89.248.166.206

10:02:56 linux IP-BLOCK 117.199.67.6

10:02:56 linux IP-BLOCK 117.201.80.62

10:04:06 linux IP-BLOCK 117.197.126.251

10:04:46 linux IP-BLOCK 89.28.91.224

10:04:46 linux IP-BLOCK 89.28.98.48

10:06:47 linux IP-BLOCK 89.28.114.230

10:08:28 linux IP-BLOCK 212.113.33.130

10:09:08 linux IP-BLOCK 212.117.172.36

10:13:15 linux MESSAGE Protection started successfully

10:13:18 linux MESSAGE IP Protection started successfully

10:15:28 linux IP-BLOCK 212.113.33.130

10:15:29 linux IP-BLOCK 212.113.33.130

10:15:39 linux IP-BLOCK 212.113.33.130

10:16:59 linux IP-BLOCK 212.113.33.130

10:16:59 linux IP-BLOCK 212.113.33.130

10:16:59 linux IP-BLOCK 212.113.33.130

10:18:39 linux IP-BLOCK 208.64.120.53

10:18:39 linux IP-BLOCK 208.64.120.53

10:18:49 linux IP-BLOCK 208.64.120.53

10:18:49 linux IP-BLOCK 208.64.120.53

10:18:49 linux IP-BLOCK 208.64.120.53

10:18:49 linux IP-BLOCK 208.64.120.53

10:18:59 linux IP-BLOCK 58.240.121.101

10:18:59 linux IP-BLOCK 208.64.120.53

10:18:59 linux IP-BLOCK 208.64.120.53

10:19:09 linux IP-BLOCK 208.64.120.53

10:19:09 linux IP-BLOCK 208.64.120.53

10:19:09 linux IP-BLOCK 208.64.120.53

10:19:09 linux IP-BLOCK 208.64.120.53

10:19:19 linux IP-BLOCK 208.64.120.53

10:19:19 linux IP-BLOCK 208.64.120.53

10:19:29 linux IP-BLOCK 208.64.120.53

10:19:29 linux IP-BLOCK 208.64.120.53

10:19:29 linux IP-BLOCK 208.64.120.53

10:19:29 linux IP-BLOCK 208.64.120.53

10:21:20 linux IP-BLOCK 212.113.33.130

10:21:20 linux IP-BLOCK 212.113.33.130

10:21:30 linux IP-BLOCK 212.113.33.130

As you can see it's getting a bit maddening for me to see this thing pop up constantly

Any suggestions? I'd hate to just turn it off as I think it's great, but I can't deal with all these false positives either

Share this post


Link to post
Share on other sites

Hi hmmhello,

They are not False positives,

They are indeed traffic too and from blacklisted IP's ranges

Yes you are almost certainly transmitting data if you are seeding to

computers hosted on the blacklisted IP's and yes you are if you are downloading stuff then you also will be receiving data from computers hosted on the blacklisted IP's

Our IP protection is not designed to sniff packets and determine whether they are malicious in content.

It is purely a brute force block against data traffic to and from known bad IP's and thus mitigates any malicious data whether known or unknown being able to gain entry onto your PC from those sources.

Share this post


Link to post
Share on other sites

Ah thanks for the reply :)

I figured it was uTorrent and not something else, I checked my HJT log and it was fine, I just normally run in Linux so I'm not used to Malwarebytes, I'll keep it on but I'll turn IP protection off while I'm torrenting

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.