FP- Utorrent update


When i was trying to update Utorrent to version 2.0.4 this file was first sandboxed and then caught by the antivirus . Here is a screenshot i have sent through CIS5.
Could anyone tell why it was first sandboxed? It was a detection of the behavior blocker, or the heuristic of the antivirus? I am asking this because i have automatically quarantine.


[attachment deleted by admin]

Hi Peter5,

If you can find the file,you can submit through this link:Comodo Firewall | Get Best Personal Firewall Software for $29.99 A Year we can go to have a look at it.
Because the heuristic of the antivirus , the file is detected by CIS.

Thanks and Regards,

I also get this too. Every time a new beta version for "utorrent comes out and update it. It get flagged as duel.extension.@1 I always click on "report as false positive. It’s easily repeatable. It happens with every update.

Just download and install this

Then open it, click on “check for updates”. Let it update. Then comodo will flag it

Weird, now comodo does not detect it either one. I have submitted the file utt85E5.tmp.bat through the link, but the other file i could not (do not know why).
But could you answer me 2 questions Guoqiang:

1- if i already submitted through CIS5 why did i have to submit again through the link.
2- To submit the file i must put in exclusions (anti-virus), right? But if the file is activated it will go to the sandbox?
I am asking this because if in the end it is malware i will still be protected, right?

Many thanks.

Hi Peter5,

About the two question,
1.If you submit through the link ,i can receive the samples qucikly and process it.
2.You can try it,if it run in the sandbox you can close sandbox.

You can close HERU,when you update the application next time.

Thanks and Regards,

Thanks for the answers Guoqiang.



This False Positive has been fixed. You can check with Virus Signature Database version 6214 and confirm it.

Best regards,