Hello. I seem to get a lot of "Risky Connections Blocked" by NetGuard whenever I have a bittorrent client opened. I had tixati downloaded on 3 different PCs and on all of them it prompts mcafee to "block" risky connections from them. The thing is it wasn't downloading any torrents at the time.
I wonder what the program is doing that its making risky connections when its not supposed to be doing anything (it wasn't downloading or uploading and didn't have any active torrents). The program itself seemed to be making connections by itself that were deemed "risky" by mcafee threat intelligence. Does anyone know why this is?
I stopped using Tixati because I feared maybe it was infected by malware or something. I am using Deluge now but now today I have gotten the same "Risky Connection Blocked" by NetGuard. It's the same issue. There's no torrents active, so it's not supposed to be connecting to anyone!
It doesn't seem to be unique to Tixati then because Deluge has the same problem as well. It seems whatever bittorrent clients I download have "risky connections" being detected by NetGuard even when they are idle and have no active torrents. These are supposed to be lightweight minimal clients as well. I think deluge is even opensource. It's strange that they are making these connections without any active torrents. I've downloaded multiple versions and two different clients and mcafee always detects something.
Does anyone know why all these different bittorrent clients are having "risky connections blocked" by NetGuard even when they're idle? Is it safe to use them?
I've done lots of scans by the way with several different antiviruses and malware scanners on all my PCs. I don't seem to have any infections. It's always these programs and not other processes on the system that are making the risky connections anyway. Only when they are open. But strangely not when they have active torrents!
Here's the last IP deluge was connecting to when idle: 220.127.116.11
This IP is in China but the Tixati IPs were in russia and ukraine.
Thanks in advance for any help. It's a headscratcher.
Netguard would block any connections to known bad URL's. Probably at best for advertising purposes and at worst for spying on you or possibly stealing passwords. Be very wary of obscure software especially Torrent software. Research them online before installing anything. I've never even heard of them. If I really have to use a Torrent I tend to only use uTorrent which seems to be the best of a bad bunch.
Scan with AdwCleaner and Malwarebytes Free - see the last link below.
Toronto ▪ Canada
Volunteer Moderator - Consumer Products
I CAN'T HELP PRIVATELY - PLEASE POST IN THE FORUMS
Use Advanced Search To Find Answers
Tixati has a good reputation and is said not to contain any adware/spyware/malware so the outgoing connections even when the program is idle must be a feature of P2P networking. As for that IP address in China it has a Red rating from TrustedSource - 18.104.22.168 - IP - McAfee Labs Threat Center
I'm not surprised to see connections to addresses in Russia and Ukraine but I would expect some of those to be risky as well.
Edit - I forgot to add these.
Torrent poisoning - Wikipedia, the free encyclopedia - something to watch out for.
Thanks. Yeah it must be something to do with P2P since both clients seem to do it.
What're the chances of being infected and mcafee wrongly blaming the torrent clients though? I'll be running a scan anyway just in case.
P2P downloads are reckoned to be high risk in terms of acquiring malware. As in all these things, if you know what you're doing and use a reliable program like Tixati, don't run risks with the stuff you're downloading, and run regular scans, you're relatively safe. But not entirely. That's as much as I can offer; you'll have to do a bit of research if you need more information.