[tor-talk] Panda antivirus now thinks Tor.exe is a virus

Martijn Grooten martijn at lapsedordinary.net
Wed Jun 17 08:44:08 UTC 2015

On Tue, Jun 16, 2015 at 01:21:56PM -0400, Roger Dingledine wrote:
> The behavior detection aspect is especially vexing here -- many antivirus
> tools have a "Not enough of our users have told us about this exe yet,
> therefore it is scary by default" feature.

There's also the simple fact that "an executable with a Tor client built
in" is more likely than not malicious: a lot of modern malware uses Tor
for C&C.

Things could be worse - though I'm not sure if this happens - if malware
downloaded the legitimate tor.exe on the side.

Have you reached out to AV vendors and see if this issue could be
solved? They might be willing to whitelist the executable.

(FYI, I pinged someone at Panda about this particular issue and they'd
look into it.)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20150617/c06bf4f8/attachment.sig>

More information about the tor-talk mailing list