Jump to content
ErikMouse

uTorrent False Positive?

Recommended Posts

I just noticed in my recent scan results, I was finding uTorrent being detected with the following log.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/16/19
Scan Time: 2:17 AM
Log File: e24cd1c8-31ba-11e9-8d7a-00219b655bbe.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.9292
License: Premium

-System Information-
OS: Windows 10 (Build 17134.523)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 506435
Threats Detected: 2
Threats Quarantined: 2
Time Elapsed: 40 min, 46 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 2
PUP.Optional.ASK.OPC, C:\USERS\MORPHFOREST\APPDATA\ROAMING\UTORRENT\UPDATES\3.4.1_31139.EXE, Quarantined, [12860], [639652],1.0.9292
PUP.Optional.ASK.OPC, C:\USERS\MORPHFOREST\DOWNLOADS\UTORRENT.EXE, Quarantined, [12860], [639652],1.0.9292

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Also, the download to get uTorrent whether it is on download-new.utorrent.com or download-hr.utorrent.com is coming up as blocked due to adware.

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 2/16/19
Protection Event Time: 3:18 AM
Log File: 717b5b64-31c3-11e9-a94b-00219b655bbe.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.9292
License: Premium

-System Information-
OS: Windows 10 (Build 17134.523)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Adware
Domain: download-new.utorrent.com
IP Address: 67.215.238.66
Port: [65101]
Type: Outbound
File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(end)
Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 2/16/19
Protection Event Time: 3:12 AM
Log File: 8a69a4e2-31c2-11e9-b236-00219b655bbe.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.538
Update Package Version: 1.0.9292
License: Premium

-System Information-
OS: Windows 10 (Build 17134.523)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Adware
Domain: download-hr.utorrent.com
IP Address: 67.215.238.66
Port: [64992]
Type: Outbound
File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(end)

--
Erik

Share this post


Link to post
Share on other sites

Hi,

This isn't a false positive. We added detection for this since yesterday, as these installers are bundled installers (bundled with OpenCandy, which is an adware module).

You can ignore detection for this if you want. Just be aware that, when you install or update uTorrent, during install, please read the install-screens carefully, especially when it offers additional programs (or toolbars/searchengines etc etc) and unselect in case you don't want these additional (adware) offers.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.