uTorrent is flagged as malicious by several antivirus engines currently

Martin Brinkmann
Dec 9, 2019
Internet
|
30

If you check the latest uTorrent setup file on Virustotal or other virus checking services, or run local checks using security solutions, you may notice that it is being flagged.

Both uTorrent Classic -- the local version of uTorrent -- and uTorrent Web -- the new web-based solution -- and BitTorrent are flagged by multiple antivirus solutions at the time of writing. The main release, uTorrent Classic, is detected by ten antivirus engines including Microsoft Defender, Sophos, Eset Nod32, GData, and Dr.Web.

Note: BitTorrent was sold in 2018.

Being flagged does not necessarily mean that a program is malicious or problematic; false positives happen but the likelihood is reduced when mainstream security solutions flag a program.

What is being detected? Most engines list "PUA or potentially unwanted application" as the reason and that indicates some sort of software bundling or file dropping on user systems. ESET lists Web Companion as a reference and that leads to Ad-Aware's Web Companion application. Whether that program has been offered as part of uTorrent's installation is unclear at this point.

utorrent optional offer

A test download and installation revealed the following:

  • uTorrent Classic downloaded fine in Microsoft Edge on Windows 10 with Windows Defender enabled. The program was not blocked from being downloaded.
  • The software installed fine on the same machine. Windows Defender did not prevent the installation.
  • It did include an offer to install the password manager Dashlane, but that offer was not checked.
  • It did include another offer, this time for WinZip and that checkbox was checked (and very tiny in comparison to the big next button).
  • There was also an add for NordVPN on the installation succeeded screen.

It is reasonable to assume that offers are switched at times, e.g. based on region, time or incentive to put them up.  The flagging of the executable file that is downloaded from the official website by Microsoft but the inactivity during download or installation is puzzling but only on first glance.

Windows Defender does not detect or block potentially unwanted programs by default. You need to enable the option first before it checks executable files for that. The security solution prevented the download of utorrent.exe after I enabled the option on the Windows 10 system. Other security solutions that flag the executable may block its download or execution automatically.

Users who have installed uTorrent may notice that the program is blocked from execution. The beta release is flagged by just two antivirus engines. One possible reason for that is that it does not include nearly as many offers as the release version.

Closing Words

Some users use legacy versions of uTorrent that don't include offers, ads and other unwanted content. Others have moved on to solutions such as qBittorrent or Transmission. It is interesting to note that the previous owners announced in 2015 that they would move away from the bundled software offer model.

Now You: do you use a torrent client? (via GenBeta)

Summary
uTorrent is flagged as malicious by several antivirus engines currently
Article Name
uTorrent is flagged as malicious by several antivirus engines currently
Description
If you check the latest uTorrent setup file on Virustotal or other virus checking services, or run local checks using security solutions, you may notice that it is being flagged.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Oh Yeah said on March 21, 2021 at 2:08 pm
    Reply

    There’s a lot of ppl here who say “just switch”.
    It isn’t that easy when you have 2000+ torrents and have to change to a new client.

  2. Amonymous said on December 13, 2019 at 12:07 pm
    Reply

    Use qbittorrent…the only stupid thing about that program is that the dev, for some idiotic reason, makes you unable to delete the file to recycle bin because…reasons.

    https://github.com/qbittorrent/qBittorrent/issues/2475#issuecomment-72326356

    Shame one of the dev’s an ass like this, because otherwise it’s good option.

    There’s also the problem with the program dropping crapton of I/O error on my old machine, but since it happens like 1-2 times on my current machine, eh.

  3. Dragon ninja said on December 11, 2019 at 7:27 am
    Reply

    I would flag if because people can use uTorrent remotely to download malicious software with out your permission

  4. buckwalla said on December 11, 2019 at 6:43 am
    Reply

    uTorrent is the Avast of BitTorrent clients.

  5. Shelley Roby said on December 11, 2019 at 2:39 am
    Reply

    Anyone have an opinion about FLUD?
    I just ran it side by side with uTorrent and it blew uTorrent out of the water. No longer want to use uTorrent because of many issues

  6. Julius said on December 10, 2019 at 6:22 pm
    Reply

    I have been happily using qBittorrent on both Windows and Linux for years with zero problems of any kind.

    Not sure why anyone would still want to use uTorrent.

  7. Hamza said on December 10, 2019 at 6:21 pm
    Reply

    Yes uTorrent allows application to install without user permission this his happened with my pc now my pc have viruses I recommend to download Antivirus On windows because Windows security didn’t help to fight with threats and malware.

  8. Lina Freeman said on December 10, 2019 at 5:56 pm
    Reply

    There are lots of open source quaity torrent downloaders. So, I agree with previous commentor. Anyone using utoorent deserves malcious virus.

  9. Matti said on December 10, 2019 at 2:51 pm
    Reply

    Anyone using uTorrent in 2019 deserves to get viruses on his/her computer.

  10. Anonymous said on December 10, 2019 at 12:22 pm
    Reply

    There is zero reason to use utorrent when qbittorrent is a libre version of it without the ads, cryptocurrency miners and other bundled malware, and none of those utorrent web or TRON aberrations. The company that owns utorrent should have died long ago and only lives on the ignorance of its users, we do not need those malware dealer parasites when we have user respecting alternatives.

  11. Greg said on December 10, 2019 at 10:54 am
    Reply

    Already noticed on my own few months ago that uTorrent is causing issues. It downloaded malware together with update from update servers. It was cloggin my RAM, probably some bitcoin mining. Malwarebytes detected it and removed it, everything was perfecr after.
    Switched to Vuze, never gonna use uTorrent again.
    Similar situation happened in the past with BitTorrent client.

  12. Tade said on December 10, 2019 at 10:20 am
    Reply

    Theres alwas alternative, the uTorrent is out of game with its aggresive advertisement for me for a years. I like Picotorrent, qBittorrent, Transmission, Deluge, Tixati, …

  13. nOOb said on December 10, 2019 at 10:14 am
    Reply

    Tixati is the name

  14. Anonymous said on December 10, 2019 at 7:22 am
    Reply

    uTorrent 2 is the best, only hundred kilobytes!

  15. Omid said on December 10, 2019 at 7:09 am
    Reply

    QBittorrent is the answer to ur solutions

  16. ilev said on December 10, 2019 at 7:06 am
    Reply

    Using uTorrent portable for years. My Kaspersky anti-virus 2020 doesn’t flag the app as malware.

  17. Graham said on December 10, 2019 at 5:17 am
    Reply

    Well, they’re not wrong. uTorrent is so bloated nowadays that it’s unbearable.
    I switched to Deluge a few years ago and haven’t looked back.

  18. Mamooty Reev said on December 10, 2019 at 3:01 am
    Reply

    If you need a torrent app, install qbittorrent from its website or from Ninite.com. It’s open source, has no ads, is updated regularly, and looks and works just like uTorrent. It’s basically uTorrent from its golden days. Other options are Transmission (popular on macOS and Linux) and Deluge.

  19. leland said on December 9, 2019 at 11:19 pm
    Reply

    There are a lot of programs being marked as PUPs these days. I just had to whitelist Process Hacker because it was marked in my antivirus. I continue to run the old 2.2.1 version of uTorrent as needed. I have also experimented with qBitTorrent which also seems quite nice.

  20. Yuliya said on December 9, 2019 at 9:40 pm
    Reply

    Switched to qBittorrent. I don’t ue any a/v software, but I’ve gotten tired of fighting against uTorrent.

    1. Anonymous said on June 1, 2020 at 4:23 pm
      Reply

      priviet,could u please tell me what are the best settings ? thanks

  21. Jack said on December 9, 2019 at 9:36 pm
    Reply

    I use Transmission/Qbittorrent on Linux.

  22. Emanon said on December 9, 2019 at 8:43 pm
    Reply

    “One or two anti-malware engines flagging an application could be attributed to a “false positive” – but 10!? – that’s a bit much.”

    That is not truth considering the majorly of AVs on the market are using third-party engines from Avira, BitDefender or Kaspersky.

  23. Rato said on December 9, 2019 at 8:30 pm
    Reply

    qBittorrent

    1. Gerold Manders said on December 10, 2019 at 4:23 am
      Reply

      Tixati – Free to use, but donations are accepted. Executables for both Windows and Linux. And if push comes to shove, it can also be used as a portable application.

      My client of choice. qBitTorrent messed up my file associations (not just for torrents). The old-skool interface of Tixati charmed me and it is a pretty complete client.

      1. I Wonder said on December 11, 2019 at 12:12 pm
        Reply

        “qBitTorrent messed up my file associations” – would like to see proof of that.

      2. Anonymous said on December 10, 2019 at 3:09 pm
        Reply

        Tixati is proprietary and I am curious how qbittorent can mess up your file associations beyond .torrent ones to associate them with itself after asking your permission.

  24. Vrai said on December 9, 2019 at 6:56 pm
    Reply

    I realize that torrent applications have gotten a bad and somewhat undeserved reputation for a long time. Copyright holders pushed hard to paint them in a bad light. BUT – the fact that – “The software installed fine on the same machine. Windows Defender did not prevent the installation.” – does NOT mean it is “O.K.” to install! I am quite confidant that malware, malicious applications, PUA’s, PUP’s, etc. also “install fine”.

    One or two anti-malware engines flagging an application could be attributed to a “false positive” – but 10!? – that’s a bit much. One has to wonder at that point if it is worth the effort to analyze (if even possible) and track the traffic to determine exactly what the application is doing.

    I would just skip it and move on to something less problematic. uTorrent has always be a little “sketchy” in my experience ¯\_(ツ)_/¯

    1. ramesh said on September 21, 2022 at 1:45 pm
      Reply

      i have been using utorrent since DECADES without any issues. so ur comment about utorrent is invalid

    2. Jilano said on December 9, 2019 at 7:23 pm
      Reply

      Just because one is sketchy doesn’t mean that all of them are. Besides, there are plenty of good alternatives: qBittorrent, Deluge, Transmission, just to name a few.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.