Trojans from utorrent - PROOF

[subyroo]

Try using Comodo Firewall Pro instead............it's a lot better than CA Firewall and it's FREE too.

Comodo Firewall Pro

[seedUpsy]

CFP3 might be a bit "complex" for our friend here. First he needs a good (and real) antivirus, antispy, and probably a Hijackthis log for the guys over at MajorGeeks or Security Cadets to take a look at for him.

Nuwan:

Find Hijackthis in a Google search, download it, do a scan and save the log, then go to securitycadets.com and post it in the appropriate forum - they will help you and get that thing out of your system, dude.

(assuming you're a man - sorry if I'm wrong ma'am)

(also surprised to see Yahoo-antispy detecting it's own tracking cookie, good for them )

[Nosnibor]

WOO HOO "avast!" rocks! I've not had ANY problems since installing avast as it scans & stops malware B4 it gets 2 my PC. I highly recomend it. Anyone hear of "System Mechanic7 Pro"? If u have run away run very far away from it!!!!!!!!!!!!!!!!!!!!!!!!!

[seedUpsy]

SM7 is hardcore - not a toy. I tested it out a while back and know first hand; it's gnarly.

[Nosnibor]

lol but i bet u havenot had it on your PC for long. try and remove it and c wat happens. also Google "System Mechanic7 Pro errors Problems" n after u read up in depth on it i bet u'll changr your mind. also if u have a problem with it and send a Q to "iolo" u will NOT get a responce!!!!

[oUrTorrent]

this just goes to show the paranoia that comes from people reading to much into their virus scanners(this includes adware, spyware, etc). If you didn't download utorrent from utorrent.com, then don't trust it. if you do download from utorrent.com and still get a virus alert, it is your virus scanner. many programs are reported as being infected with something, even though they aren't. but at times it almost seems as if they are targeting specific applications to falsely detect as a threat.

whether using utorrent for legitimate or illegal files, many of the big companies out there don't want you to have it because they can't control it or technically charge you for it. the truth leans more towards UPX than the previous. however the upx false detection problems should be addressed by those who produce these programs, they should at least automatically include exclusions of popular programs.

[jewelisheaven]

"Popular" is subjective. They certainly find out what's popular after they get (thousands) of reports. I wonder how many people actually reported the update false positive to Avast?

[GTHK]

I did by sending µT in and writing "NOT A VIRUS".

Anyway, last I checked, avast! mangles µT packets on mail ports. I was having connection issues with a few peers, and noticed the mail scanner when I wasn't sending/receiving e-mail, and so I watched with Wireshark. avast! parsed the handshake and forged another for the protocol assigned to that port, how nice of it, to send bad data and thus prevent connectivity.

[jewelisheaven]

Is there a block ports list you can make exceptions to? That certainly would make me not want to use its firewall portion :/

[GTHK]

Actually its the mail scanner . And just checked, it doesn't look like there's a way to create exceptions for it, it DOES let you enter what ports you want for what protocol. Not particularly helpful for those who use POP3, SMTP, and IMAP.

[jewelisheaven]

Hmm, couldn't that be used to spoof the port numbers, so that people who DO use those 25 110 443 ports are not intercepted by the (broken) mail scanner?

[GTHK]

Probably, but that would void it of its purpose. It's better to just use the setup program to remove that component. I'm not sure but I think avast! may have fixed it, I did complain about it. Testing another port..

Looks like they fixed it, BT communications are ok, mail scanner came up when i ran Thunderbird. Fixing the world, one broken scanner at a time XD.

[Replika]

I've downloaded from homepage, and unpack using upx (on upx.sf.net) then AVG8 detects a threat:

[Firon]

Yawn, faulty heuristics.