Microsoft Defender Flags Tor Browser as a Trojan and Removes it from the System - Deform

similarly, I've removed Microsoft from my system.

I’m not sure about the browser, but a lot of malware used to ship with the tor binary and used it to connect to the CNC. I can totally see it ending up in the indicator list.

I love bashing MS as much as the next guy, but this is not completely indefensible behavior given typical user use cases and needs. As long as it’s easy to add an exception of you installed it on purpose.

At this point, Microsoft Windows itself can basically be classified as malware

Dude ms defender used to delete my "Hello World" executables built using visual studio just because they were made by an unknown publisher.

I've run into antiviruses blocking code I've written just because I pulled in certain cryptographic libs. Literally pulling in some Microsoft cryptography libraries in c# made it think I was writing a crypto locker.

Classic Microsoft

Fucking microsoft doing microsoft things.

Permanently Deleted

A little context, one of the larger exit nodes was compromised and would send malware to your computer. The behavior shield probably caught this and correctly marked the program as a trojan, since, by definition, that's literally what it was acting as when connected to that node. More advanced AVs (like malwarebytes) will instead block the malicious connection rather than blanket-banning the entire program.

This only happens in the latest version btw.

You can still download previous version and replace tor.exe and it works.

Permanently Deleted

Windows Defender sucks compared to the original Williams version.

How dare they use a non-Edge browser for this!

Hot take, I see no issue with this. If you're savvy enough to know about Tor and its purpose, you're also savvy enough to know how to add a security exclusion in Defender. People who don't know how to whitelist a program in Defender probably did not install Tor themselves and won't be safe using a program with the capability to access the dark web.

It's extra frustration for those trying to legitimately use Tor, but it's also a safety check in the case of an unintended install.

https://www.techradar.com/pro/security/microsoft-defender-will-finally-stop-claiming-tor-is-malware

Microsoft Defender will finally stop claiming Tor is malware.

It's funny that recently NetworkChuck uploaded video about darkweb where he installed tor on windows and now apparently many folks did the same.

False positives happen and it seems like they already resolved it.

It's unfortunate that MS makes it so hard to take them at their word when they're so aggressive with forcing Edge down everyone's throat. That makes even obvious bugs seem nefarious.

Bruh wtf.

This is why I rolled back my version of Tor? So I guess I have to add the folder as an exception. Fuck Microsoft.

Experts believe that the false malware alert is due to the new heuristic detection method used in Microsoft Defender

Fortune tellers are not a replacement for good security!

Any don't use windows for anything private or personal as its under the control of Microsoft. You are just giving it suggestions

If you have to use Tor you shouldn't be using Windows.

Oh no, how will I get my hands on hitmen and cp now?!