Tor Browser 4.0.4 released and being flagged by AVG and Panda Antivirus as malware

AVG Antivirus and Panda Cloud Antivirus flagging new Tor browser version 4.0.4 while Microsoft Security Essentials has no issues with it

The Tor project released a new browser version 4.0.4 for Tor anonymiser network on Wednesday, 25th Feb with support for Firefox 31.5.0 and lots of bug fixes.

The browser which can be downloaded for free from here and also with TorProject Distribution Directory.

TorProject says that the above version is stable release which is signed by one of the subkeys of the Tor Browser Developers signing key from now on, too. You can find its fingerprint on the Signing Keys page. It is:

pub 4096R/0x4E2C6E8793298290 2014-12-15
Key fingerprint = EF6E 286D DA85 EA2A 4BA7
DE68 4E2C 6E87 9329 8290

Tor Browser 4.0.4 is based on Firefox ESR 31.5.0, which features important security updates to Firefox. Additionally, it contains updates to NoScript, HTTPS-Everywhere, and OpenSSL.
Here is the changelog since 4.0.3:
All Platforms

  • Update Firefox to 31.5.0esr
  • Update OpenSSL to 1.0.1l
  • Update NoScript to 2.6.9.15
  • Update HTTPS-Everywhere to 4.0.3
  • Bug 14203: Prevent meek from displaying an extra update notification
  • Bug 14849: Remove new NoScript menu option to make permissions permanent
  • Bug 14851: Set NoScript pref to disable permanent permissions

AVG and Panda Antivirus flag Tor v 4.0.4 as malware

AVG and Panda antivirus engines are however flagging the new version as malware and if you are running any of the two as AV scanners on your PC, you cannot install the new Tor. To install Tor, you have to just DISABLE the antivirus prior to installation.

Once installed you can enable the av again and continue normally. It is strange that AVG and Panda are flagging Tor as malware because apparently, Microsoft’s own antivirus and malware detector, the Microsoft Security Essentials, finds no issues with new Tor.

AVG and Panda Antivirus flag Tor v 4.0.4 as malware

AVG and Panda Antivirus flag Tor v 4.0.4 as malwareYou can also do the Tor community a great service by reporting the flagged issues as ‘false positives’  to both AVG and Panda so that they can make changes in their AV products.

The Tor also seems to have some bugs related to exit nodes. An anonymous poster said that the Tor crashed when he tried to set ExitNodes {AU}. He also noted that he was unable to reopen the crashed Tor so he reinstalled it. This issue has not been raised by any other user/addressed by the Tor community.

You can get the signing keys by visiting here.

1 COMMENT

  1. Nice post. I was checking constantly this blog and I am impressed! Extremely useful information specially the last part kbbcbbdeekdk

LEAVE A REPLY

Please enter your comment!
Please enter your name here