Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Firewall Blocking Malwarebytes

23 Nov 2015   #11
Alejandro85

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by MoxieMomma View Post
The use of torrents ("legal" or not) is a good way to get infected.
That's not correct. Use of torrents themselves has nothing to do with getting infected or not. It's what the torrent carries what might be dangerous (pretty much in the same way as any download obtained in any other imaginable way).

About that particular block, the fact that the antivirus blacklists it may mean there is a seedbox running there, serving many other unrelated torrents, some of them possibly malicious. It's not unreasonable to leave the thing blocked just to be on the safe side, but generally this type of things tend to be false positives, as long as it's just the torrent client the one making the connection.

To be extra careful, the ideal thing to do is to harden your torrent client. Run it in a separate user account, so if that ever finds a vulnerability the damage is vastly restricted. Blocking the connection outright is not a crazy idea too.


My System SpecsSystem Spec
.
23 Nov 2015   #12
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

I surly must be crazy because if Malwarebytes doesn't like something I don't want it on my computer.

Then again I don't use P2P or Torrents of any kind.
My System SpecsSystem Spec
24 Nov 2015   #13
MoxieMomma

OEM Windows 7 Ult (x64) SP1
 
 

Hi:

Quote   Quote: Originally Posted by Alejandro85 View Post
Quote   Quote: Originally Posted by MoxieMomma View Post
The use of torrents ("legal" or not) is a good way to get infected.
That's not correct. Use of torrents themselves has nothing to do with getting infected or not. It's what the torrent carries what might be dangerous (pretty much in the same way as any download obtained in any other imaginable way).
I don't use torrents or any P2P, but it seems like a bit of an artificial distinction to separate the "what" from the "how", especially for basic computer users.
While advanced users may be able to deploy specific strategies to "harden" their torrents, it's well described and reported all over security fora (and has been for years) that they are indeed a means of becoming infected, especially for users who don't take added precautions.

And it's simply NOT true (and a dangerous assumption) that the IPs blocked by MBAM in real-time are "false positives", including the IP reported by the OP. They are being blocked for a reason.
This explains why: Why does Malwarebytes Anti-Malware block BitTorrent or other Peer-to-Peer Programs?

And their blocks are largely cosmetic, having no impact on the torrent/P2P performance.
Ignoring or whitelisting those IPs would be considered "softening", not hardening, one's defenses.
In fact, for most basic computer users, adding ANYTHING to the MBAM malware or IP whitelists (except perhaps for one's AV and other security applications) should be done with extreme caution.
A safer approach is to submit the files (for malware) or the IPs/URLs (for IP/website) to the MBAM Research Team for evaluation BEFORE ignoring or whitelisting or excluding them.

I make no claim to being an expert in either torrents or computer security. I am just a home user.
And my replies here are posted from that perspective and from that of a volunteer helper at MBAM forum, to explain the behavior reported by the OP in this thread, with "safe" advice.

As such, I do not wish to participate in a heated debate about the virtues or lack thereof for torrents or other P2P software.

Cheers,
MM
My System SpecsSystem Spec
.

24 Nov 2015   #14
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

Very well said MoxieMomma.
It's been known for years that P2P and or torrents are one of the best ways to get infected. It's not news; well yes it is to some.
That is why I, them, we and others post warnings about using such method of downloading.
That is why security programs give pop up's to warn users.

I have been downloading off the internet for years and never had to use a P2P or torrent.
My System SpecsSystem Spec
26 Nov 2015   #15
Zoloft

Win7 Home Premium x64
 
 

Where you get the torrent from, like where you get ANYTHING from, is what matters. A fantastic example, a few years back, a television show, Pioneer 1, was distributed via torrent. If you wanted to see the show, you torrented it. Most (if not all) torrent clients have built in hash-checking, assuring that what you download is only the original, uncorrupted files that were originally seeded. Even if one person in that swarm is infected/is a spammer, etc, you cannot catch anything from them, as any corrupted pieces will not pass the hash check.

Now, if you grab anything and everything off of public torrent sites, without regard for who the uploader is, any any comments that may be made about the files, yes, you are very likely to get infected. But, same can be said if you download what you want from some random website that you don't know and trust. It's always about getting your documents from trusted sources.
My System SpecsSystem Spec
Reply

 Firewall Blocking Malwarebytes




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Windows firewall blocking .exe file even after firewall is disabled
Hey everyone, This is my first post, and first time I've not been able to solve my problem by searching previous posts...so hopefully someone can help me out. I'm trying to install a downloaded .exe file, and Windows firewall is blocking it regardless of whether the firewall is active or not; the...
System Security
Firewall blocking Leapfrog
I am trying to get my daughters leap pad to connect to my PC. Unfortunately, the firewall seems to be blocking the leap pad. I think I have disabled firewalls so that only Comodo is the firewall available, as leappad say only one firewall is allowed. I cannot seem to access windows firewall to be...
System Security
Malwarebytes Blocking IP address
Hi, Malwarebytes(1.70) is returning "successfully blocked access to a potentially malicious website 91.235.128.161, type outgoing, port 53041, Process: explorer.exe. I've run some p2p software recently, but have uninstalled it, and cannot understand why explorer.exe is the process implicated. I've...
System Security
Question about malwarebytes website blocking
As the title says I have a question about malwarebytes website blocking, I didn't find anything on the website about it. Does anyone know anything about it? :geek:
System Security
Please Help Firewall Blocking.
Hello. My firewall blocked games servers then I go to Control Panel\All Control Panel Items\Windows Firewall Then I go Allow a program or feature throuth Windows then: http://img825.imageshack.us/img825/755/firewallm.png But anyway blocking my Counter-Strike servers...
System Security
firewall blocking notification
How can i capture or log the fire wall blocking program notifications.. where are they stored?
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 07:25.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App