Jump to content

41.203.69.1 - Battle.net agent


Recommended Posts

I am sorry if I post this in the wrong section. If so, please tell me and move it.

Malwarebytes started to block this IP all of a sudden. I have Blizzard's Battle.net launcher, and it is currently updating World of Warcraft.

I've never reported a false positive before, so sorry if I do something wrong. The agent will be attached below. However, I am not sure if it will run without the other files. If you need more files please tell me.

I don't really use WinRar that often. I was not sure how to zip a file. I hope it doesn't do anything.

 

Update, 30.08.2014 20:03:42, SYSTEM, MAGNUS-PC, Scheduler, Malware Database, 2014.8.30.5, 2014.8.30.6, 

Protection, 30.08.2014 20:04:07, SYSTEM, MAGNUS-PC, Protection, Refresh, Starting, 

Protection, 30.08.2014 20:04:07, SYSTEM, MAGNUS-PC, Protection, Malicious Website Protection, Stopping, 

Protection, 30.08.2014 20:04:07, SYSTEM, MAGNUS-PC, Protection, Malicious Website Protection, Stopped, 

Protection, 30.08.2014 20:04:11, SYSTEM, MAGNUS-PC, Protection, Refresh, Success, 

Protection, 30.08.2014 20:04:11, SYSTEM, MAGNUS-PC, Protection, Malicious Website Protection, Starting, 

Protection, 30.08.2014 20:04:11, SYSTEM, MAGNUS-PC, Protection, Malicious Website Protection, Started, 

Detection, 30.08.2014 22:11:54, SYSTEM, MAGNUS-PC, Protection, Malicious Website Protection, IP, 41.203.69.1, 6881, Outbound, C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe, 

Detection, 30.08.2014 22:11:54, SYSTEM, MAGNUS-PC, Protection, Malicious Website Protection, IP, 41.203.69.1, 6881, Outbound, C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe, 

Detection, 30.08.2014 22:11:58, SYSTEM, MAGNUS-PC, Protection, Malicious Website Protection, IP, 41.203.69.1, 58005, Outbound, C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe, 

Detection, 30.08.2014 22:12:28, SYSTEM, MAGNUS-PC, Protection, Malicious Website Protection, IP, 41.203.69.1, 58337, Outbound, C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe, 

Detection, 30.08.2014 22:14:28, SYSTEM, MAGNUS-PC, Protection, Malicious Website Protection, IP, 41.203.69.1, 59181, Outbound, C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe, 

Detection, 30.08.2014 22:14:28, SYSTEM, MAGNUS-PC, Protection, Malicious Website Protection, IP, 41.203.69.1, 59181, Outbound, C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe, 

 

(end)

BnetAgent.rar

Link to post
Share on other sites

After a search I figured out that the Battle.net launcher is using P2P. So it is getting files both from other users and Blizzard themselves. This boosts download speeds. If you go to the options you are able to turn this off. I am going to leave it off from now on. This is probably what has caused the detection.

Link to post
Share on other sites

This is not an F/P (the IP you've mentioned is heavily involved in RATs and has been for some time)

Good thing I have Malwarebytes Pro then! The Battle.net launcher uses P2P to download files faster in some cases. I have now turned it off, and it is never coming back!

I guess you can go ahead and close this now.

Link to post
Share on other sites

BibboBabbo:
 
This thread is Tagara's thread.  If you have an issue, please start your own thread.

 

Please reference: Important: Please Read Before Reporting A False Positive
 
Post #2

If you are not a member of Staff or Experts group please do not reply to other users posts in either the File or Web Blocking forums.

 
Thank you for understanding.
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.