Jump to content

Utorrent problems with Norton Antivirus


Recommended Posts

hi i just updated my utorrent and my Norton antivirus went crzy

every 3 seconds it gives me a message saying utorrent attempted to hack into my computer (worm protectioN) and i say permit to allow it then it goes away and pops up again and again and again.... is there any way to stop this (ive tried permiting it manually for nortan, same problem) and i would rather not stop my worm protection...

Link to comment
Share on other sites

updater download new version utorrent.exe and replace itself(kinda old virus do this self-modify), av detect the exe file hashing changed so it alarm, i think it didn't update the new hash.

maybe copy your C:\someFolder\utorrent.exe to D:\anotherFolder\utorrent.exe, then copy back to C:\somefolder, this should update the hash, never tested.

Link to comment
Share on other sites

  • 1 month later...

I had this problem and found out what was causing it and a solution.

On one of my PC's, I had been using one of the pre-1.4 beta versions. When 1.4 was officially released, I let it update automatically. After getting the worm complaint from Norton Antivirus, I noticed that the utorrent EXE that was running was still the beta name, even though the screen identified itself as version 1.4.

The solution is to stop utorrent, delete the beta version EXE, delete any desktop icons that point at the beta EXE and then download the new 1.4 version from the utorrent site and install it. As soon as I did that, the worm error stopped immediately.

Link to comment
Share on other sites


I have been using Norton since my 1st day of PC and it had always kept me virus free (even when I am connected to a WAN, have a static IP, run IIS and also Wirelessly connected)! :|

The problem is simple. Once you unblock uTorrent in NAV the first time you start it registers its App version and App hash. These values change when you upgrade and that's coz uTorrent upgrades just replaces one exe! However, NAV does not change the hash coz, its possible that a virus or something else may change a trusted executable and connect to the net. :o

Simple solution for NAV 2005 up:

1) Close all instances of uTorrent.

2) Just go to Options -> Internet Worm Protection -> Program Control.

3) Select "utorrent" from the list.

(if not in list , then the problem is something else, try permitting it once and then start from step 1)

4) Click on remove. Confirm "yes" in the new dialog.

5) Restart uTorrent and next time when the NAV Protection dialog box pops up, just "Permit" it!

This simple steps should solve all standard problems. ;)

And hey, if you think the problem got solved, check out my photo-literary blog http://www.shamasis.net/blog/!

PS: A copy of this is posted at http://forum.utorrent.com/viewtopic.php?pid=41269#p41269 but I did not just link it because many may ignore it, otherwise its just another post! ;)

Link to comment
Share on other sites

shamasis, an antivirus product is in fact a combination of three things: a scan engine, a viral database and the application itself. In Norton Antivirus the scanning engine is very good, the viral database is decently updated and their researcher are pretty good . The problem is the application itself who is an ordinary piece of crappy bloatware. That's the truth about NAV :)

Link to comment
Share on other sites

Let's not forget the rootkit they've been using for years, or the fact that Norton has been disabled by worms more than a few times.

OR the fact Norton and Sony were in bed together over the Sony BMG XCP Rootkit. Norton (the company) were fully aware about Sony's evil little toy even before Sony first released it to the public...so their antivirus/antispyware software wouldn't accidentally detect it. Norton finally changed its stance, but they did so only as a political ploy.

A couple years back, I was using Kazaa Lite with even a little homebrew stuff to make it almost useful. And I was noticing all the worms/viruses on the fasttrack network. One in particular I could easily find because it was named BearShare 5.1.1.exe. I regularly did searches of it and private messaged those people that they had a virus on their computer. Usually, the private messages never reached the people I was trying to send to. Or the message was blocked because they had private messages disabled. But I probably still reached maybe 10% out of over 3,000. (Yeah, I was busy for a few months.) It was an interesting study in the kinds of people who get computer viruses. Some said thank you for the info, though I do not know if they knew how to use it.

The most common response was basically: "GFY, I don't have a virus!"

One of the most vocal in saying that, I challened him as a hacker. His reason for saying he didn't have a virus was he had Norton AV fully up-to-date and it found nothing. After I held his hand as he manually examined his system and even downloaded a piece of one of the viruses' copies from him, he had to conclude I was right.

Ok, no big deal -- in the case of virus outbreaks, antivirus software can sometimes lag behind -- especially in fields they don't really study, such as p2p-viruses. But I did something else. 6 months after the virus started appearing, I took a floppy with copies of the virus on it over to a friend's house that had Norton on it. Even that updated Norton found nothing.

The only thing I could conclude was these viruses were either corporate-sponsored and Norton was simply paid to look the other way. Or the makers of Norton AV were grossly incompetent.

But regardless of which conclusion I come to, one thing is CERTAIN:

Protecting us was never their ulterior motive.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...