If you check the latest uTorrent setup file on Virustotal or other virus checking services, or run local checks using security solutions, you may notice that it is being flagged.
Both uTorrent Classic -- the local version of uTorrent -- and uTorrent Web -- the new web-based solution -- and BitTorrent are flagged by multiple antivirus solutions at the time of writing. The main release, uTorrent Classic, is detected by ten antivirus engines including Microsoft Defender, Sophos, Eset Nod32, GData, and Dr.Web.
Note: BitTorrent was sold in 2018.
Being flagged does not necessarily mean that a program is malicious or problematic; false positives happen but the likelihood is reduced when mainstream security solutions flag a program.
What is being detected? Most engines list "PUA or potentially unwanted application" as the reason and that indicates some sort of software bundling or file dropping on user systems. ESET lists Web Companion as a reference and that leads to Ad-Aware's Web Companion application. Whether that program has been offered as part of uTorrent's installation is unclear at this point.
A test download and installation revealed the following:
It is reasonable to assume that offers are switched at times, e.g. based on region, time or incentive to put them up. The flagging of the executable file that is downloaded from the official website by Microsoft but the inactivity during download or installation is puzzling but only on first glance.
Windows Defender does not detect or block potentially unwanted programs by default. You need to enable the option first before it checks executable files for that. The security solution prevented the download of utorrent.exe after I enabled the option on the Windows 10 system. Other security solutions that flag the executable may block its download or execution automatically.
Users who have installed uTorrent may notice that the program is blocked from execution. The beta release is flagged by just two antivirus engines. One possible reason for that is that it does not include nearly as many offers as the release version.
Some users use legacy versions of uTorrent that don't include offers, ads and other unwanted content. Others have moved on to solutions such as qBittorrent or Transmission. It is interesting to note that the previous owners announced in 2015 that they would move away from the bundled software offer model.
Now You: do you use a torrent client? (via GenBeta)Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.