
uTorrent tricking users into changing default browser settings? - gantengx
http://forum.utorrent.com/viewtopic.php?id=139892
======
gilgoomesh
Simple: don't use uTorrent. Use Transmission instead:

[http://www.transmissionbt.com](http://www.transmissionbt.com)

~~~
gantengx
there are other options too :)

Deluge - [http://deluge-torrent.org/](http://deluge-torrent.org/)

Tixati - [http://www.tixati.com/](http://www.tixati.com/)

qBittorrent - [http://www.qbittorrent.org/](http://www.qbittorrent.org/)

~~~
xanderstrike
Third for Deluge. uTorrent users will find it's interface very familiar.

------
laureny
First Vuze, then uTorrent. It looks like the life cycle of any popular torrent
application is:

\- Starts very light, bare bones, downloads torrents and that's all

\- Gets bloated with more and more features that nobody wants

\- Partners with a shady company

\- Dies

Off to alternatives I go.

~~~
gkop
Azureus/Vuze was never lightweight, and does not appear to have died. And
uTorrent didn't begin to bloat out until after it was acquired by BitTorrent,
Inc..

Edit: I think by partners with shady company you mean the malware company, not
BitTorrent, Inc.. Just like Vuze has 3rd-party malware. Coincidentally (?),
some Vuze malware reports mention Yahoo! being surreptitiously enabled just
like the article.

~~~
pessimizer
Agreed. Azureus was consistently the most bloated, slowest torrent client
available. Vuze was an expansion of that.

------
buro9
Ah, this explains what happened to my girlfriend who was using bittorrent to
download bundles of academic papers.

I couldn't figure out why all of her search and homepage settings had changed,
and how they were so resilient that they were re-applied.

I did find SearchProtect, and eventually managed to remove it (uninstalls, +
registry hacking, + force deleting files, + nuking the browser installs and
re-installing).

But I hadn't figured out where it had come from as my girlfriend didn't
believe that she'd installed anything and although I saw uTorrent I thought
nothing of that since I didn't believe it installed such `add-ons`.

For those who encounter this, SearchProtect is really nasty. Really hard to
remove.

~~~
Macuyiko
Currently have the same problem on one of my machines. Luckily, I knew already
about the culprit.

Really nasty stuff -- never using uTorrent again. Was already getting annoyed
by latest updates and ads anyway/

To save me (still have to remove SearchProtect) and others here some time...
any pointers to website or other reference on how to really remove this thing?

~~~
DanBC
Once "they've" run malware on your machine it's no longer your machine and
nothing can be trusted.

Wipe and re-install, then very carefully restore backups of data.

~~~
tanzam75
> _Once "they've" run malware on your machine it's no longer your machine and
> nothing can be trusted. Wipe and re-install, then very carefully restore
> backups of data. _

That is a general rule for malware that you do not know anything about.

However, the SearchProtect install bundled with µTorrent is only malware to
the extent that it prevents you from changing your browser defaults. It is not
believed to exhibit the other characteristics of malware. It is annoying,
scammy, scummy, evil, etc. -- but it does not appear to compromise your system
badly enough to require a reformat and clean install.

It's just one step beyond accidentally installing the Ask Toolbar with a new
Java install. Yes, it is theoretically possible that it could've taken over
your machine. But most likely not.

P.S. Take a look at the Wikipedia page for SearchProtect. Specifically,
History and Talk. There's one high-up editor who's been stonewalling any
attempt to add a Criticism section, on the basis that Wikipedia cannot link to
user posts.

------
cmsimike
Wasn't uTorrent The Best Thing Ever when it first hit the scene? I seem to
recall it was this application. It was about a 93k executable that didn't need
to be installed. Just download and run. It was my go to torrent client of
choice during my Windows days. Sad to see it become this.

~~~
orbitur
As annoyed as I am by the reactions here (uTorrent didn't maliciously install
adware behind anyone's back), I moved to Mac in 2009 and stayed there until I
decided to build an HTPC for my living room. First thing I did was install
uTorrent, and I was confronted with so much bloat. There are ads INSIDE the
torrent list, and there are options to stream video/music. Completely
unexpected.

From what I understand, there hasn't been a client that's truly taken its
place.

~~~
hayksaakian
Like others have noted, if you were happy with uTorrent in 2009, just use an
older version.

There's really not much different with torrents in the last few years.

Magnet link support is the only thin I can think of.

~~~
plaguuuuuu
What about security vulns

~~~
gcb0
The new version runs ten ad networks' code.. I'd bet the 93k one is safer

------
xanderstrike
Switch to Deluge[1]! It's Free Software, and is so similar to uTorrent you
won't notice the difference.

The day uTorrent pushed the update that tried to install a browser extension I
was absolutely done with them. I do not support malware in any shape or form.

[1] [http://deluge-torrent.org/](http://deluge-torrent.org/)

------
product50
Surprising that no-one is talking about Yahoo and their tactics to get more
users. I am sure SearchProtect and Yahoo! here have a deal to push as many
default searches as possible to drive revenue.

~~~
medell
These kind of shady deals can't be good in the long run. If you work at a
company that suggests this, make sure to voice your opinion.

Someone should start a site that allows users to vote on a software company's
trust factor. :)

~~~
dsl
Yahoo has been doing these "Search Distribution Deals" for many years, as long
as I can remember in fact. Bing was at one point paying $20+ per toolbar
install when they were trying to gain market share. Google has done paid
toolbar distribution as well.

The reason it is still around is because it is so damn effective.

------
znowi
Wow, this is an unusual step for Yahoo. Who would think that a hijack process
that tempers with user's browser settings is a good idea? Hello, Marissa
Mayer?

As for uTorrent, it's been going down this path for a while, gradually
introducing _crap_ into the app. And this one is the last for me, as well.

Btw, apparently, they turned off registration on the forum to ward off the
mounting complains. When I go to
[https://forum.utorrent.com/register.php](https://forum.utorrent.com/register.php),
I'm greeted with _Get lost spammer, we don 't need your kind here._ And of
course the topic is closed. Well done.

------
sheepz
This is why I love Linux. Every generic piece of software comes with no BS
attached. For example, on Windows, if you want to mount an ISO you have to
download some shady piece of software, the installer of which comes bundled
with n toolbars. In Linux it's a matter of a simple one-line command...

~~~
eball
Adware goes to where there are a lot of non tech savvy users. If desktop Linux
gets more traction, you'll see such search hijacking on there too. Note that
this story is about search hijacking on OS X, not Windows.

~~~
simias
The use of a package manager/app store might help prevent that though. They
won't be able to bundle crapware in their installers.

~~~
Xylakant
How? Every package manager that I've seen so far allows installations of
locally downloaded packages. Some will even helpfully download all
dependencies. That's a good thing in general, however, the package could just
as well contain adware/spyware. And every package format that I know of
supports post-install scripts, those could easily change configuration
settings. Since package install runs as root that added layer of security
doesn't help here.

------
lingben
Simple solution: go back to using the old, barebones, simple, fast utorrent v
2.2.1

[http://www.filehippo.com/download_utorrent/9859/](http://www.filehippo.com/download_utorrent/9859/)

runs fast, no ads, no issues, just works!

~~~
sydbarrett
Hey thanks for piggybacking onto my response, classy.

~~~
lnanek2
You are marked as dead in some posts above, so only people with the right
options set in their settings can see your posts. If it happened recently, it
was probably for that ethnic slur starting with k I see above.

~~~
aaronem
Someone must've posted an HN link on 4chan.

------
alan_cx
If memory serves, uTorrent lost trust-ability when it got sold. IIRC, that
means post version 1.6.1 it became a concern and began to needlessly bloat.
Prior to that is was a brilliant bit of software.

1.6.1 is light weight, unmolested, and still worth using.

~~~
pessimizer
Released in Feb 2007, and the last version worth using.

------
mercurialshark
So glad someone posted on this bullshit. Not only has uTorrent started doing
this, but BBEdit 10 and some other previously not super shady software has
too.

~~~
bsg75
What is BBEdit doing?

------
eYsYs
This reminds me of an argument given by my friend proposing that a person has
a higher tendency to do bad to the people who we know are bad. Even your good-
guy-Greg has an inclination (of sorts) to bring down/harass/make money off
your scumbag-Steve, even when Steve's actions were inconsequential to Greg;
which I thought was an apt observation from someone who thinks a lot in
absolutes. Maybe its the 'easy to get away with factor' or maybe its the karma
kicking in.

My point is, torrent usage is synonymous to piracy, infringement and other
illegal activities. So, perhaps it is this tendency that makes people at
uTorrent think that it is not totally wrong to rip off people who are ripping
off content & software makers. In my experience, I never fully trusted
uTorrent. It is simply difficult to trust something that allows advertisement
of malware, porn, fraudulent sites. It started off quite well, but then it has
been on my watch list since quite some time now.

------
ParadisoShlee
Even Sun installs some kind of ad toolbar in Java!

~~~
damian2000
yeah the Ask Toolbar is crap but at least that's opt-in... this is search
hijacking.

~~~
chilldream
It's opt-out, unless they changed it recently. I've lost count of how many
times I've had to uncheck that checkbox.

------
orillian
For people having issues finding the files that need to be removed, look for
anything related to Conduit; and remove that. SearchProtect and a few of the
other names are not what the software is called in all cases it seems. I had
to remove this from my wifes machine yesterday, and everything was related to
a Conduit installer. No mention of SearchProtect.

uTorrent is gone in our case, I've moved her over to using Qget with our Qnap
NAS and while it's not as feature rich as uTorrent it's a much better option.
And it's one I can watch and control a little better as well!

------
paulrademacher
This isn't malware. Malware is defined as software meant to disrupt or
compromise your machine.

This is fuckyou-ware. Software that serves a reasonable purpose, but does it
with utter contempt for the user.

~~~
unsignedint
Software that is persistently forcing certain setting against the user's
intention does sounds like malware, though.

With this particular case, this piece of software keeps resetting the user's
start page to Yahoo even after the user actively reconfigure it.

------
gnidan
Is there any response from uTorrent about this? Didn't see any posts by any
admins or moderators in that thread; I was wondering if they said anything
besides just closing the topic?

------
olov
Use qBittorrent instead if you like the feature-set of uTorrent. In
particular, qBittorrent's UI is modeled after uTorrent. It is open source and
works on Linux, OS X, Windows, FreeBSD and OS/2(!), supports sequential
downloading (aka download in order or streaming) and has an optional web UI.
[http://www.qbittorrent.org/](http://www.qbittorrent.org/)

------
DDR0
Oh, man, this one ultimately was the last straw that broke my old XP box's
back. I accidentally clicked through the set-up, and I didn't really have the
sysadmin chops to fix it at that point. Whatever hitched a ride on search
protect slowed that machine to a crawl. I ultimately ended up installing linux
on it, but it's just not the same anymore.

------
PeterisP
Don't use 'official' installers manually ever, for this same reason that they
try to cheat you into 'agreeing' to something - use something like
[http://ninite.com/](http://ninite.com/) that run the installers with the
correct no-to-optional-malware options.

------
Akujin
Use old versions of uTorrent. Before it was bought out by BitTorrent, Inc.

Now it's just another parasite on the internet.

------
mmvvaa
I would love to hear from Yahoo (hopefully from Marissa Mayer, or whoever
authorised it at Yahoo), and from uTorrent. I was personally chearing for
Yahoo's new breath of hope, under Mayer's leadership. This is a pretty crappy
move. An apology would be enough.

------
Fuxy
Actually qBittorrent seems to be a good alternative. Let's see how good it is
compared to uTorrent.

I was looking for a simple replacement for uTorrent for a while now. I have
been using linux for years now and was surprised how awful it became while I
was off windows.

------
parski
I switched to rTorrent with ruTorrent a few years ago. I haven't used uTorrent
since. It's perfect if you have an old machine laying around somewhere. Just
whip out your favourite flavor of Linux and you're golden.

------
pbreit
I just tried installing and after declining the offer the installer hung. Buh
bye.

------
yitchelle
Just an off topic question as it was a while ago since I left the world of
torrenting. Back in the day, it was mainly music and movies that most folks
were trying to get. What else are being torrented these days?

~~~
DanBC
TV shows, games, apps, OSs, books, audiobooks, porn.

------
mmvvaa
The only positive aspect of this, and make no mistake - this does not excuse
their fishy behaviour - is that Yahoo has lead the way in defending its user's
privacy against the NSA.

------
x0054
This is exactly why I have such a love/hate relationship with BitTorrent Sync.
I use it a lot, and it works so great, but I so wish it were open source.

------
gesman
uTorrent started selling itself short quite a while ago.

I stopped using it about 2 yrs ago for similar reasons. It's a malware seeding
garbage now.

------
tn13
Report search protect to All anti-viruses, report to Yahoo!, report to their
domain name provider and hosting providers.

------
oddshocks
Sounds like you need you some Deluge.

[http://deluge-torrent.org/](http://deluge-torrent.org/)

------
gdy
I have latest uTorrent 3.3 (build 29625) [32-bit] on my Windows box and there
is Yahoo in Firefox.

~~~
gdy
I meant "and there is NO Yahoo"

------
pavel_lishin
Damn; and I blamed Firefox for this.

~~~
Slackwise
Why would Firefox do this if they get referral money from using Google as
their default search?

[https://blog.mozilla.org/blog/2011/12/20/mozilla-and-
google-...](https://blog.mozilla.org/blog/2011/12/20/mozilla-and-google-sign-
new-agreement-for-default-search-in-firefox/)

~~~
pavel_lishin
Firefox was the last thing I remembered installing before this happened; I'd
forgotten about uTorrent.

------
vezzy-fnord
uTorrent is a horrendous bloat, anyway. Personally I used rTorrent for a while
(minimal ncurses interface, very appealing to me) but later switched to
Transmission.

I've also used Deluge, but there's nothing too special about it in my eyes.

~~~
airencracken
I'm a big fan of rtorrent, I just wish that it was a proper server/client. Not
a fan of daemonizing things by running them in screen.

------
wnevets
I havent upgrade utorrent is years because of how bad BitTorrent Inc. made it.

------
jaxbot
Not new, though. uTorrent install has been shipping with crap for a while now.

------
neoyagami
Since i stopped using windowz in mac i use the official bittorrent app

~~~
gantengx
I have a feeling they will sneak the malware in the official bittorrent app
too

------
smegel
uTorrent went bad ages ago...ive been using an old, solid version (around
2.7?) for years, no reason to change.

It was a beautiful bit of software.

------
unabridged
this is why "freeware" can't be trusted, the threat of a fork keeps open
source developers honest

~~~
dubfan
foobar2000 has been closed source freeware for a long time and has not
resorted to anything like this.

~~~
voltagex_
I think you've got to look at the motives of the developers too. P2P apps
appear to be more susceptible to falling to shady partners, though.

------
sydbarrett
I never updated uTorrent, I run 2.2.1 so either find it or I can probably send
you the exe.

~~~
endgame
For other readers: The consensus on the reddit thread was that 2.2.1 was the
last good version.

~~~
Wingman4l7
IIRC some people even run the older 1.8. _x_ versions, for reasons which
escape me at the moment.

------
orbitur
Wow. People are actually angry in that thread because they didn't look closely
at the setup steps.

Let's be clear here: the user was still given a choice, but the user "trusted"
uTorrent to not force them to make one. Give me a break.

~~~
guelo
To be fair, utorrent used to be trustworthy before being b ought by the
despicable Bittorrent Inc.

~~~
pessimizer
What's despicable about Bittorrent, Inc.? They seem like a very pleasant
company to me. I won't be using any of their products because I generally
don't use closed source stuff, but I'm grateful for their protocol.

