thedriver Posted May 7, 2015 Report Share Posted May 7, 2015 I run uTorrent Pro and my Anti-Virus and Anti-Malware (*2) software all block uTorrent from updating due to "malicious" activity of some sort.Further when I disable them to update uTorrent. When I run a scan afterwards they detect uTorrent as a malicious program. I would like advice from uTorrent why this is please and assurance that the program I paid for in good faith is not malicious. When I try to update uTorrent, Emsisoft Anti-Malware gave the following detection:Emsisoft Anti-Malware - Version 9.0SP logDate PID Application Event Detection7/05/2015 11:10:38 PM 12916 C:\Program Files (x86)\uTorrent\uTorrent.exe Blocked by rule llsw.download3.utorrent.com And ThreatTrack Vipre gives the following error during the update:Active Protection Event DetailsEventTypeEnum="2"TimeoutInSeconds="0"MonitorID="3001"MsgID="{41D66D00-A0F4-4BBE-BB10-587993AB6182}"MonitorTypeEnum="3"RecommendScan="false"SDKVersion="7.0.5725.0"ThreatDefVersion="40024"APEventID="{B9199A3A-B494-4AB1-ACBD-0B4CB814F59D}"IsAllowOk="true"IsAllowAlwaysOk="true"IsBlockOk="true"IsBlockAlwaysOk="true"IsQuarantineOk="true"EventActorEnum="2"EventDateTime="2015-05-07T23:15:21"TransactionID=""RemoteClientAddress="" Parent ProcessFilePath="C:\Program Files (x86)\uTorrent\uTorrent.exe"PID="12240"FileSize="880496"MD5=""CRC8="ECD635E346F40000"CobraPackHash="5E85C0117CD1437F"KnownAsEnum="1"ThreatID="0"AddedToUserKnown="false"Company="BitTorrent, Inc."FileVersion="3.1.3.27213"ProductName="µTorrent"ProductVersion="3.1.3.27213"Description="µTorrent"Copyright="©2012 BitTorrent, Inc. All Rights Reserved." Launch Monitor FilePath="C:\Users\ADMINI~1.COR\AppData\Local\Temp\2\uttE3BE.tmp.exe"FileSize="1441104"MD5="6daaff84372e39a3fe3f9dc7efdeefaa"CRC8="551DCFB9EBF00000"CobraPackHash="77A2189B8ABAC19E"KnownAsEnum="2"ThreatID="4150696"AddedToUserKnown="false"Company="BitTorrent Inc."FileVersion="3.4.3.40097"ProductName="µTorrent"ProductVersion="3.4.3.40097"Description="µTorrent"Copyright="©2015 BitTorrent, Inc. All Rights Reserved." Final Disposition Info DispositionEnum="2"AuthorityEnum="2"QuarantineStatusCode="0"QID=""UserName="username"ErrorEnum="0" After updating uTorrent (by disabling security software), EmsiSoft Anti-Malware detects uTorrent as such:File name: C:\users\username\AppData\Roaming\uTorrent\uTorrent.exeDiagnosis: Program is behaving in a similar manner to Spyware (LAN bypass backdoor)File name: C:\users\username\AppData\Roaming\uTorrent\uTorrent.exeDiagnosis: Program is attempting to download data invisibly from the internet Hashes of the detected object (uTorrent.exe):MD5: 17321240BA77D366C9B5760C5F0DCC2DSHA-1: C3EB68821E4A811137A32F2582A504F20A88FBDAVerified information according to the digital certificate of the detected file (uTorrent.exe):Company: BitTorrent IncCompany e-mail: Certificate authority: VeriSign Class 3 Code Signing 2010 CAValid from: 2013-06-05 10:00:00Valid to: 2016-09-04 09:59:59File information according to the publisher of the detected file (may be faked) (uTorrent.exe):Company: BitTorrent Inc.File description: µTorrentCopyright: ©2015 BitTorrent, Inc. All Rights Reserved. This is recorded in the EmsiSoft Anti-Malware Behaviour logs:Date PID Application Detection 7/05/2015 11:38:18 PM 16664 C:\Users\administrator.CORE\AppData\Roaming\uTorrent\uTorrent.exe Behavior.TrojanDownloader 7/05/2015 11:36:52 PM 16664 C:\Users\administrator.CORE\AppData\Roaming\uTorrent\uTorrent.exe Behavior.Spyware This is recorded in the EmsiSoft Anti-Malware Surf Protection log:Date PID Application Event Detection 7/05/2015 11:10:38 PM 12916 C:\Program Files (x86)\uTorrent\uTorrent.exe Blocked by rule llsw.download3.utorrent.com \ During the update process, MalwareBytes Anti-Malware detects the following:PUP.Optional.OpenCandy c:\Users\username\AppData\Local\Temp\2\uttA6e9.tmp So all three pieces of security software that I use detect some kind of malicious activity from uTorrent. What gives? Link to comment Share on other sites More sharing options...
epicsnackus Posted May 8, 2015 Report Share Posted May 8, 2015 Likewise, I discovered today that utorrent had been removed from my system by Norton Security Suite, specifically due to detection of SONAR.SuspDataRun. Please advise. Link to comment Share on other sites More sharing options...
3w4e5rytfhg Posted May 10, 2015 Report Share Posted May 10, 2015 Same here. Norton 360 killed it, and reinstlling says the same as the Norton Security Suite. I've use both programs for years, and this has never happened before. Link to comment Share on other sites More sharing options...
Jesslin Posted May 12, 2015 Report Share Posted May 12, 2015 I am having the same issue with Norton 360 removing from my computer and unable reinstall!!!! Link to comment Share on other sites More sharing options...
mike20021969 Posted May 12, 2015 Report Share Posted May 12, 2015 I am having the same issue with Norton 360 removing from my computer and unable reinstall!!!! Create an exception for uTorrent.exe in Norton 360.Better still, dump Norton. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.