Microsoft Begins Flagging uTorrent as Malware Threat

By Prajwal Desai On Apr 18, 2018

Last week several users noticed that uTorrent was flagged as threat by Antivirus vendors. Utorrent was classified as Malware by many Antivirus vendors. The uTorrent application is treated as “Potentially Unwanted Software” by antivirus softwares. Microsoft begins flagging uTorrent as malware and blocks the software from running.

uTorrent is a popular torrent client and is used widely for downloading data. So far uTorrent has been downloaded and installed over 150 million times. While there are many torrent client softwares, uTorrent is the most popular one out of all. It’s a software that written to download large amount of data from remote servers. In other words it’s a peer-to-peer file sharing protocol used for distributing large amounts of data.

Microsoft Begins Flagging uTorrent as Malware

However Microsoft begins flagging uTorrent as malware and categorizes it as PUA:Win32/Utorrent. Windows defender stops it running because it has a poor reputation. It is also mentioned that this application can also affect the quality of your computing experience. The BitTorrent Inc (parent company of uTorrent) is aware of this thing. The torrent company believes they’re false positives triggered by one of their recent releases.

It seems like the uTorrent client was not only blocked on new installs, it was blocked on machines that were already running uTorrent. Most of all not all the uTorrent installs were flagged as malware. So we believe there must one the windows defender definitions that would have caused this. Or probably one of those windows patch Tuesdays updates ?.

Furthermore we submitted uTorrent executable to Virus Total site and you can see the results below. Yes Microsoft is in the list of AV’s that flagged uTorrent as PUA:Win32/uTorrent. But rest of the antivirus vendors (those in green) marked the installer as clean.

Next we tested BitTorrent client and this time also Microsoft flagged it as malware.

We tested the installation of uTorrent and BitTorrent on two of our Windows 10 machines. We really didn’t understand why the installation files get installed in appdata folder. Ideally they are supposed to go into program files. May be that is how uTorrent software is coded ?. Surprisingly we were able to run the software and Windows Defender did not show up any message. This leaves with question whether uTorrent is actually a malware ?. Or it’s just an windows update that is flagging it as malware ?. Let me know your thoughts on this in the comments section.