Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: jonathanmcomeau on September 21, 2015, 12:37:02 PM

Title: Avast just blocked uTorrent
Post by: jonathanmcomeau on September 21, 2015, 12:37:02 PM
Hi,

     I'm not sure if this goes into this board or the virus/malware board. I just updated my virus definition today. I have the current 10.4.2233 version, with definitions 150921-0. So, I updated it, then went to my torrent site that I've always used, and used yesterday. Clicked to get one, and avast blocked it, saying uTorrent was malware and told me to do a boot scan, which it then removed it and placed it in the chest. Just wondering if it's a definitions problem that caused that? What should I do? Thanks for any feedback.
Title: Re: Avast just blocked uTorrent
Post by: Pondus on September 21, 2015, 01:05:13 PM
What malware name did avast give when detecting it?

Title: Re: Avast just blocked uTorrent
Post by: jonathanmcomeau on September 21, 2015, 01:10:11 PM
Win32:Malware-gen
Title: Re: Avast just blocked uTorrent
Post by: Pondus on September 21, 2015, 01:21:48 PM
report it here  https://support.avast.com -> avast virus lab

Title: Re: Avast just blocked uTorrent
Post by: Be Secure on September 21, 2015, 01:24:15 PM
Pls Upload the uTorrent file to Virus total
Title: Re: Avast just blocked uTorrent
Post by: jonathanmcomeau on September 21, 2015, 01:32:49 PM
I just submitted a ticket to the virus lab. What do you mean upload the file to virus total?
Title: Re: Avast just blocked uTorrent
Post by: Be Secure on September 21, 2015, 01:41:58 PM
What do you mean upload the file to virus total?
To be sure it is a malware or not?
Title: Re: Avast just blocked uTorrent
Post by: jonathanmcomeau on September 21, 2015, 01:42:38 PM
ok, I googled virus total, and I see what it is. But how do I upload the file when avast has placed it in the virus chest, blocked it , whatever?
Title: Re: Avast just blocked uTorrent
Post by: Be Secure on September 21, 2015, 01:51:42 PM
ok, I googled virus total, and I see what it is. But how do I upload the file when avast has placed it in the virus chest, blocked it , whatever?
Just disable avast! for 10 min and extract to desktop and upload it to VT and when VT Scan is finished pls don't forget to enable the protection.
Title: Re: Avast just blocked uTorrent
Post by: jonathanmcomeau on September 21, 2015, 01:59:22 PM
ok, I did that. I extracted the 3 files it took away. One said that it was fine. 0/56. the other 2, were 3/56.
Title: Re: Avast just blocked uTorrent
Post by: Be Secure on September 21, 2015, 02:02:53 PM
ok, I did that. I extracted the 3 files it took away. One said that it was fine. 0/56. the other 2, were 3/56.
Pls post vt links.Which 2 were 3/56? you should only extract the utorrent.
Title: Re: Avast just blocked uTorrent
Post by: jonathanmcomeau on September 21, 2015, 02:06:20 PM
https://www.virustotal.com/en/file/6c358284aca083a7ccf1e29d83264eb1adf69fcbbf409fd37c6424ef6b723664/analysis/

That is the one that was fine. (file utorrentie)

https://www.virustotal.com/en/file/64d7da86d5fee292b2186c3f6ce59c88ed42725427c48a7d3384e4e5679b20b3/analysis/

This is one of the ones that came up as saying 3 (this was just for the utorrent file)

https://www.virustotal.com/en/file/64d7da86d5fee292b2186c3f6ce59c88ed42725427c48a7d3384e4e5679b20b3/analysis/

This is the other one saying it was 3. (this is utorrent file 3.4.5_41073)
Title: Re: Avast just blocked uTorrent
Post by: Pondus on September 21, 2015, 05:04:40 PM
seems two of thos files are bundled with OpenCandy PUP

PUP = Potentially Unwanted Program  https://www.virusbtn.com/resources/glossary/potentially_unwanted.xml

Title: Re: Avast just blocked uTorrent
Post by: 1234ava on September 22, 2015, 12:42:58 AM
@jonathan
Here is an article giving information about OpenCandy. http://www.bleepingcomputer.com/forums/t/504224/pup-issues-malwarebytes-anti-malware/

It's not a virus or malware. It's sort of a "plugin" which, during the installation of a program, may ask if you want to download another software package. If you are not interested in the other program, just deselect the check box.

BTW, my understanding is that "Win32:Malware-gen" is heuristic.