uTorrent.exe
µTorrent by BitTorrent Inc (Signed)
Warning 4 antivirus scanners has detected malware in various versions of uTorrent.exe.
Overview
There are 31 versions of uTorrent.exe in the wild, the latest version being 3.2.3.28705. uTorrent.exe is run as a standard windows process with the logged in user's account privileges. By adding a startup entry to the run registry key, the file will be executed when the user logs into Windows. The average file size is about 802.53 KB. The file is a digitally signed and issued to BitTorrent Inc by VeriSign. The programs µTorrent, Stardock Decor8 and MyHarmony have been observed as installing specific variations of uTorrent.exe. During the process's lifecycle, the typical CPU resource utilization is about 0.0084% including both foreground and background operations, the average private memory consumption is about 29.72 MB with the maximum memory reaching around 41.56 MB. Addionally, typically read and write I/O disk operations is about 11.16 MB per minute for reads and 2.57 MB per minute for writes.
What is uTorrent.exe?
µTorrent is a is a free, ad-supported, lighter-weight BitTorrent client designed to consume less resources then the full BitTorrent version. Some uTorrent installs include adware in the form of the Conduit Engine, which installs a toolbar, and makes homepage and default search engine changes to a user's web browser.
About uTorrent.exe (from BitTorrent Inc)
“µTorrent is designed to consume as few resources as possible to avoid impacting your computer use. µTorrent will work on Windows XP and up, including Windows 7. BitTorrent's two main products today in”
 Details
|
| File name: | uTorrent.exe |
| Publisher: | BitTorrent, Inc. |
| Product name: | µTorrent |
| Typical file path: | C:\Program Files\utorrent\utorrent.exe |
| Certificate |
| Issued to: | BitTorrent Inc |
| Authority (CA): | VeriSign |
| Effective date: | Sunday, June 20, 2010 |
| Expiration date: | Friday, July 26, 2013 |
Programs installed in
(Note, the programs listed below are for all versions of µTorrent.)
|
Adobe Systems Incorporated |
|
Apple's iTunes is a proprietary media player computer program, used for playing and organizing digital music and video files on desktop computers. It can also manage contents on iPod, iPhone and iPad....
LAME is a library that allows some programs to encode MP3 files. LAME is free, but in some countries you may need to pay a license fee in order to legally encode MP3 files.
µTorrent is a is a free, ad-supported, lighter-weight BitTorrent client designed to consume less resources then the full BitTorrent version. Some uTorrent installs include potentially unwanted applic...
|
Computer Systems Odessa corp. |
|
“ConceptDraw MINDMAP offers a variety of outputs, making it easy to share map content in the appropriate format. Creating output is simple; just one click allows you to output to other applications, su...”
“Does your Internet services provider supply you with the service speeds that were advertised? Does it do this 24 hours a day 7 days a week? With this free program you can perform regular internet spee...”
“calibre is a free and open source e-book library management application developed by users of e-books for users of e-books. It has a cornucopia of features divided into Library Management, E-book conv...”
Windows Media Encoder is a freely downloadable media encoder developed by Microsoft which enables content developers to convert or capture both live and prerecorded audio, video, and computer screen i...
Firefox 21 was released on May 14, 2013. The Social API now supports multiple providers, enhanced three-state UI for Do Not Track (DNT). Mozilla Firefox is a free and open source is a web browser coor...
The Opera browser is a free web browser that handles common Internet-related tasks such as displaying web sites, sending and receiving e-mail messages, managing contacts, chatting on IRC, downloading ...
CCleaner developed by Piriform, is a utility program used to clean potentially unwanted files and invalid Windows Registry entries from a computer. CCleaner supports the cleaning of temporary or poten...
Defraggler is a defragmentation utility which allows users to defragment individual files on their computer system. Defraggler can defragment individual files, groups of files (in a folder) or an enti...
Recuva is a data recovery program and is able to recover files that have been "permanently" deleted and marked by the operating system as free space. As with other file recovery programs Recuva works ...
“Pinnacle is a software program that enables you to play your favorite games with any gamepad, joystick, or other type of game controller. Pinnacle comes preconfigured for most popular game titles and ...”
Spotify is a Swedish music streaming service offering digitally restricted streaming of selected music from a range of major and independent record labels, including Sony, EMI, Warner Music Group and ...
“Windows 8 limits your start screen customization options to only a few provided background images and a few pre-defined color schemes. Decor8 removes these limitations and provides the freedom to per...”
“MATLAB® is a high-level language and interactive environment for numerical computation, visualization, and programming. Using MATLAB, you can analyze data, develop algorithms, and create models and ap...”
Counter-Strike is a tactical first-person shooter video game developed by Valve Corporation which originated from a Half-Life modification. The game has been expanded into a series since its original ...
Behaviors
(Note, the behaviors below are for all versions of uTorrent.exe, select a unique version for details.)
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'uTorrent' → "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
- Firewall exception for 'C:\PROGRAMAS\utorrent\utorrent-plus\utorrent-plus-3.1.exe'
- Firewall exception for 'C:\Documents and Settings\Administratör\Skrivbord\26051-671819-utorrent.exe'
- Firewall exception for 'C:\Program Files\uTorrent\uTorrent.exe'
- Firewall exception for 'C:\Program Files\uTorrent\uTorrent.exe'
- Firewall exception for 'C:\Documents and Settings\věruška\Dokumenty\Stažené soubory\uTorrent.exe'
- Firewall exception for 'C:\Documents and Settings\user\Desktop\uTorrent.exe'
- Firewall exception for 'C:\Software\uTorrent.exe'
- Firewall exception for 'C:\Program Files\uTorrent\uTorrent.exe'
- Firewall exception for 'C:\Program Files\uTorrent\uTorrent.exe'
Scheduled tasks
- The job '{3E0C592A-6E89-47B8-B8E8-7EFA3DE8B8BB}' runs on registration in the path '\{3E0C592A-6E89-47B8-B8E8-7EFA3DE8B8BB}'
Malware detections
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
| Antivirus engine | Engine version | Detection | File version |
| Antiy Labs AVL |
2.0.3.7 |
Trojan/Win32.Agent |
3.2.3.28705 |
| eSafe |
7.0.17.0 |
Win32.TrojanHorse |
1.8.5.17414 |
| Trend Micro HouseCall |
9.700.0.1001 |
HV_ZYX_BL132900.TOMC |
3.2.2.28500 |
| Trend Micro HouseCall |
9.700.0.1001 |
HV_ZYX_BL132900.TOMC |
3.2.2.28500 |
All file variations of uTorrent.exe
Distribution by Windows OS
| OS version | distribution |
| Microsoft Windows XP |
35.91% |
|
| Windows 7 Ultimate |
22.73% |
|
| Windows 7 Home Premium |
18.64% |
|
| Windows 8 Pro |
6.36% |
|
| Windows 7 Professional |
5.45% |
|
| Windows Vista Home Premium |
3.64% |
|
| Windows 8 |
2.73% |
|
| Windows XP Professional |
1.36% |
|
| Windows 7 Home Basic |
1.36% |
|
| Windows 8 Enterprise N |
0.91% |
|
| Windows 8 Release Preview |
0.45% |
|
| Windows 8 Pro with Media Center |
0.45% |
|
Distribution by country
United States installs about 16.00% of µTorrent.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Dell |
28.57% |
|
| Hewlett-Packard |
21.43% |
|
| GIGABYTE |
11.43% |
|
| Acer |
7.14% |
|
| Lenovo |
5.71% |
|
| American Megatrends |
5.71% |
|
| ASUS |
5.71% |
|
| Toshiba |
5.71% |
|
| Compaq |
2.86% |
|
| MSI |
2.86% |
|
| Alienware |
1.43% |
|
| Samsung |
1.43% |
|
