Several AVs Continue to Flag uTorrent Client as Unwanted Software

• A significant number of AV products are flagging uTorrent as malware, although it clearly isn’t.
• The problem has been a persistent and unsolved one for at least 1.5 years now.
• Microsoft Defender is also blocking the installation of qBitTorrent, and silently disables it if present.

It seems that several anti-virus products insist on flagging the uTorrent (μTorrent) torrent client as unwanted or even dangerous software, categorizing it as riskware and malware. This inevitably creates confusion for the users attempting to install the particular desktop torrent clients, getting the message that they have downloaded a laced version from a phishing site. The practice has been criticized, but a significant number of anti-virus engines continue to approach these installers in the same way, disregarding any voices of objection.

The TorrentFreak team has run some tests on VirusTotal and figured that 19 security companies and their products are flagging the uTorrent installer as unwanted software, actively blocking the execution of the executable. That would include Avast, McAfee, Microsoft, Comodo, and more.

To get a better idea of the situation, we have decided to test some more clients and see if this is focusing on uTorrent for a reason or if these AV vendors treat every torrent client the same. When testing qBittorrent, we only got 1 engine flagging it as malware. Deluge gave us a score of zero, so no AV products see anything wrong with it. And finally, Transmission returned a zero score, again indicating that it poses no risk.

So, something is wrong with uTorrent (μTorrent), but it is unclear what it is. Some users say this is just a coordinated crackdown of the project due to the fact that the particular client is the most widely-used out there. Others believe the flagging happens because the project pushes ads to the users. Some even mention that those installers often lack a valid (and non-expired) digital signature, and this is why their installation is prevented.

To further complicate the situation, other reports are mentioning that Windows Defender is silently disabling qBitTorrent or even blocking new installations with the excuse being “potentially unwanted behavior.” Clearly, Microsoft doesn’t trust torrent clients, even if most AV engines disagree.

It’s indeed easy to download something malicious through P2P networks if you’re not careful enough, but torrent clients aren’t intrinsically illegal or dangerous, and they’re certainly not malware. It is also true that torrent clients are frequently used as piracy enablers, but AV companies shouldn’t succumb to pressure from copyright holders if that’s the case. They should treat files for what they are, not based on their potential for abuse or even their bad reputation.