false positive "utorrent.exe"

ESS reports utorrent.exe as Win32/Bunndle potentially unsafe application.

i've reported as false positive via the utility from ESS, and checking a few minutes ago, it still reports as false positive.

i've deleted the program and reinstalled it, in case it was infected, but it's still detected.

there was no problem with it a few days ago.

 

What version of uTorrent? And where did you download it from?

I have the latest stable version (3.3.0), downloaded it right from uTorrent website, and nothing is detected. ESS 6.0.308 with virus signature database 8190 (20130403) with "Potentially unsafe applications", "Potentially suspicious applications", "Potentially unwanted applications" and "Advanced Heuristics on file execution" are all enabled.

 

utorrent is bundled with OpenCandy (read license agreement of utorrent).
http://kb.eset.com/esetkb/index?page=content&id=SOLN2677
http://kb.eset.com/esetkb/index?page=content&id=SOLN2198

 

weird, i also have the latest stable directly from the website, with the same signature database.

 

but i had no problems a few days before

 

i've been using the same settings in ESS for months, and only recently it started detecting it.

 

I just downloaded uTorrent 3.3.0 again, they have modified the binary even though they didn't change the version, the file I download few days ago has a different checksum than the current, and the new one is detected by ESS as it did with yours.

It's not a false positive as IBK said, they've bundled some crapware with their new installer, very low risk though, hence why it was detected as "potentially unsafe application".

EDIT: Typos

 

Something in one of the newer releases of uTorrent is flagging the PUA. I doubt if it is an FP.

While ESET should not be supporting P2P software, try an older version and see if you yield the same results.

http://www.filehippo.com/download_utorrent/9574/

 

i checked the version from the link and it was ok.
i guess i'll have to message the creator of the application

 

It's up to you, but it's a monetization method, most probably you won't get with them to anything, therefore, if I were you I'd save my time and move on.

Such bundles have been there since long long time (toolbars anybody?) and many reputable programs include one type or another of them in their packages, not to say that I like it, but that's how it is.

Generally, there is no real immediate harm, i.e. serious security risk, from that bundled stuff, it's just "unwanted" stuff, not a virus infection.

 

Bloated software has it's implied risks. In the case of uTorrent, there's no shame in running an older version. The latest and greatest with all the bells & whistles is not always best.

 

Siljaline, good day.

Being online has its implied risks, walking down the street too.

If you want to be safe, you have to hide in a cave away from everything, and even then you won't be really safe.

I always recommend to have the latest version of any program that connects to the internet, unlike, say Photoshop which is an offline application, uTorrent is an internet application, newer versions often patch some known security vulnerabilities, and often introduce some unknown ones, the known ones are much more easily exploitable.

Same goes for security software, but since it's a little bit more complicated and cumbersome to upgrade these, I sometimes skip a newer version for a while, but not for long, unless it patches a medium-high risk vulnerability. Upgrading uTorrent is two click away and should be done, and it's still possible to remove that peace of bundled stuff from it and not allow it to exist on your system, that what security software is for.

Kind regards.

 

See my comments here:
http://www.dslreports.com/forum/r28165993-BT-uTorrent-PUA

 

Well that's a bit of mystery as ess v6.0.314 didn't detect the latest build of Utorrent( 3.3.0.29462 ) or the version prior to that, neither does ess V5 on my PC I don't download or install the bloat though

I can remember when they first started doing this, they where quite sneaky on where the options where to opt out of the bloatware , the utorrent forums was full of complaints
But that open candy does pop up in a lot of s/ware even free trial stuff

 

if you ticked the PUP detection on ESET, don't be surprised that Utorrent bundle crap is flagged as potentially malicious.