Microsoft Begins Flagging uTorrent as Malware Threat

Last week several users noticed that uTorrent was flagged as threat by Antivirus vendors. Utorrent was classified as Malware by many Antivirus vendors. The uTorrent application is treated as “Potentially Unwanted Software” by antivirus softwares. Microsoft begins flagging uTorrent as malware and blocks the software from running.

uTorrent is a popular torrent client and is used widely for downloading data. So far uTorrent has been downloaded and installed over 150 million times. While there are many torrent client softwares, uTorrent is the most popular one out of all. It’s a software that written to download large amount of data from remote servers. In other words it’s a peer-to-peer file sharing protocol used for distributing large amounts of data.

Microsoft Begins Flagging uTorrent as Malware

However Microsoft begins flagging uTorrent as malware and categorizes it as PUA:Win32/Utorrent. Windows defender stops it running because it has a poor reputation. It is also mentioned that this application can also affect the quality of your computing experience. The BitTorrent Inc (parent company of uTorrent) is aware of this thing. The torrent company believes they’re false positives triggered by one of their recent releases.

It seems like the uTorrent client was not only blocked on new installs, it was blocked on machines that were already running uTorrent. Most of all not all the uTorrent installs were flagged as malware. So we believe there must one the windows defender definitions that would have caused this. Or probably one of those windows patch Tuesdays updates ?.

Furthermore we submitted uTorrent executable to Virus Total site and you can see the results below. Yes Microsoft is in the list of AV’s that flagged uTorrent as PUA:Win32/uTorrent. But rest of the antivirus vendors (those in green) marked the installer as clean.

Microsoft Begins Flagging uTorrent as MalwareNext we tested BitTorrent client and this time also Microsoft flagged it as malware.

Microsoft Begins Flagging uTorrent as MalwareWe tested the installation of uTorrent and BitTorrent on two of our Windows 10 machines. We really didn’t understand why the installation files get installed in appdata folder. Ideally they are supposed to go into program files. May be that is how uTorrent software is coded ?. Surprisingly we were able to run the software and Windows Defender did not show up any message. This leaves with question whether uTorrent is actually a malware ?. Or it’s just an windows update that is flagging it as malware ?. Let me know your thoughts on this in the comments section.

Prajwal Desai

Hi, I am Prajwal Desai. For last few years, I have been working on multiple technologies such as SCCM / Configuration Manager, Intune, Windows 11, Azure, Security etc. I created this site so that I can share valuable information with everyone.

6 thoughts on “Microsoft Begins Flagging uTorrent as Malware Threat”

  1. I believe that Microsoft (and other companies) conciously declare uTorrent to PUA for advertising reasons. It’s a pitty. In my opinion the developer of uTorrent should change their software in order to pass the test without loosing its purpose. I don’t know if this was realistic.

    Reply
  2. I have been using utorrent for a long time. The program itself is harmless, it is the software downloaded via that program that can cause problems and maybe why MsftDefender is marking it Malware, to prevent the possibility of downloading any because unlike everything else you download on Windows, the downloads through Utorrent do not go through a cert check.

    Reply
    • it’s the same thing for the poor Gadgets in which I had to manually re-install using the 8-gadget pack… it’s a shame really.

      Reply
      • Utorrent and any other P2P system have been thorns in the sides of MS and many other software companies because people share the software they want to sell. making them persona non grata was just another way of trying to stop sharing. A torrent is only as safe as the original file. clean file start no viruses. dirty file to start then obviously its spreading a virus or trojan…etc.. MS apple and Google all want to control the internet 100% for $$$$’s they have obliterated the nets original purpose the free and complete exchange of information across the planet. Hell the largest CREATORS of viruses are anti virus companies even more so than state run hacking groups.

        Reply

Leave a Comment