manga_jk13 Posted December 4, 2014 Report Share Posted December 4, 2014 So here's the report: Eventos exportados: 04/12/2014 13:30 [system Scanner] Malware detectado El fichero 'C:\Documents and Settings\J\Datos de programa\uTorrent\uTorrent.exe' contenía un virus o programa no deseado 'TR/Strictor.1385229.2' [trojan]. Acciones realizadas: Error al intentar crear una copia de seguridad del fichero y éste no se ha eliminado. Número de error: 26003. No se pudo eliminar el fichero! Se intenta ejecutar la acción con ayuda de la biblioteca ARK. El fichero se movió al directorio de cuarentena usando el nombre '4fc53053.qua'! No se pudo reparar la entrada del registro <HKEY_USERS\S-1-5-21-436374069-1078081533-1177238915-1003\SOFTWARE\Microsoft\Win dows\CurrentVersion\Run\uTorrent>. Para finalizar la reparación se recomienda reiniciar el ordenador. La entrada del registro <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\Fi rewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Documents and Settings\J\Datos de programa\uTorrent\uTorrent.exe> se reparó correctamente. La entrada del registro <HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\Firewa llPolicy\StandardProfile\AuthorizedApplications\List\C:\Documents and Settings\J\Datos de programa\uTorrent\uTorrent.exe> se reparó correctamente. La entrada del registro <HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\Firewa llPolicy\StandardProfile\AuthorizedApplications\List\C:\Documents and Settings\J\Datos de programa\uTorrent\uTorrent.exe> se reparó correctamente. 04/12/2014 13:24 [Real-Time Protection] Malware detectado En el fichero 'C:\Documents and Settings\J\Datos de programa\uTorrent\uTorrent.exe' se detectó el virus o programa no deseado 'TR/Strictor.1385229.2' [trojan]. Acción ejecutada: Denegar acceso How did this happen?? Link to comment Share on other sites More sharing options...
Constantin493 Posted December 4, 2014 Report Share Posted December 4, 2014 I have the same problem here, i have avira and by this moment two infections. 1) Rogue.100348322) strictor.1385229.2 Link to comment Share on other sites More sharing options...
ichbin Posted December 4, 2014 Report Share Posted December 4, 2014 I have the same problem here, i have avira and by this moment two infections.Me Two....I believe that have to do with an update on the Avira Library.But the Question is Is it a real Positive or false Positive Alert. Has anyone a good Idea how to find that out Link to comment Share on other sites More sharing options...
szekelya Posted December 4, 2014 Report Share Posted December 4, 2014 Hi, any chance that you have updated Avira's virus definition files today? Avira just reported the same on my Mom's PC. I suspect a false positive here. cheersszekelya Link to comment Share on other sites More sharing options...
yzily Posted December 4, 2014 Report Share Posted December 4, 2014 Got the tr.strictor too, tried to reinstall it, but it's spamming again and again, need to know if it's false positive or not. Weird thing is when i remove tr.strictor, utorrent is getting uninstalled too. Link to comment Share on other sites More sharing options...
wheng Posted December 4, 2014 Report Share Posted December 4, 2014 Same here with Avira: Virus or unwanted program 'TR/Strictor.1385229.2 [trojan]'detected in file 'C:\Users\***\AppData\Roaming\uTorrent\uTorrent.exe. Link to comment Share on other sites More sharing options...
Constantin493 Posted December 4, 2014 Report Share Posted December 4, 2014 I have dissabled te utorrent adds. I searched and i found these: 1) http://www.herdprotect.com/msimg32.dll-ffa871e944c10df763629b1fa1272d3092e78f29.aspx 2) https://www.virustotal.com/en/file/13f9fb0b901771e3b07f860f60c65098d8e898bbc4d16976fd498184f09ca99b/analysis/ I have the first file, but because it is in System32 i will wait till the end of scan of avira. Link to comment Share on other sites More sharing options...
Constantin493 Posted December 4, 2014 Report Share Posted December 4, 2014 Maybe this is a false alarm, i am not so sure. But to be sure place the file to quarantine, i dont if this makes a differnce just a thought. Link to comment Share on other sites More sharing options...
Yolei Posted December 4, 2014 Report Share Posted December 4, 2014 Same here. I use Avira. Update:I updated Avira a minute ago, and now it's ok. Re-scanned the quarantined items, and no viruses found. Link to comment Share on other sites More sharing options...
gabrio81 Posted December 4, 2014 Report Share Posted December 4, 2014 me too, can we confirm is it false positive? I've submitted a bug report to avira, can you guys do the same? https://my.avira.com/en/dashboard/userid/guest/ltb/feedback Link to comment Share on other sites More sharing options...
gabrio81 Posted December 4, 2014 Report Share Posted December 4, 2014 @Yolei looks like that worked, I have just forced a manual update and no more message. weird though. Link to comment Share on other sites More sharing options...
manga_jk13 Posted December 4, 2014 Author Report Share Posted December 4, 2014 Manual update then, thanks for the tip. Most likely a false positive that got corrected in the update, or a conspiracy! Link to comment Share on other sites More sharing options...
Sheriziya Posted December 19, 2014 Report Share Posted December 19, 2014 I've gotten a message from GData today that Utorrent had a Trojan. I deleted the file, just to be on the safe side and wanted to download it again. The download site also got blocked by GData: In my browser: Website blocked!G DATA TOTAL PROTECTION has denied access to this website.The site contains infected code: Application.Generic.995013 (Engine A), Win32.Application.OpenCandy.F (Engine . Virus Alert pop-up alert: Virus: Application.Generic.995013 (Engine A), Win32.Application.OpenCandy.F (Engine Virus found while downloading content from the web.Address: http://download-new.utorrent.com/endpoint/utorrent/os/windows/track/stable/Status: Access denied. Is this a false positive, or is something indeed going on? And how do I fix this? Thanks for the help! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.