I powered up my device and it displayed a prompt:
TOR BROWSER UPDATING
Almost immediately Windows 10 kicked in with a Defender prompt:
THREAT REMOVED OR RESTORED
This program is dangerous and executes commands from an attacker.
file: C:\Users\b\Desktop\Tor Browser\Browser\TorBrowser\Tor\PluggableTransports\webtunnel-client.exe
My question is: Was this TROJAN in the update for this Windows Alpha Release 12.5.3 (updated on 02-22-2023)
I cannot confirm whether the Trojan was included in the update or not, but I don’t think it was. However, it’s worth noting that Trojans like Win32/Wacatac.H can infect a system through various means.
It’s possible that the Trojan was already present on your system and got detected by Windows Defender when it tried to execute the webtunnel-client.exe file during the Tor Browser update.
Another possibility is that the Tor browser was downloaded through a 3rd-party site, and included a TROJAN in the files.
I would recommend running a full system scan with your antivirus software to check for any other potential threats on your system, just to stay safe.
Hope this helps!
Thank you for your reply.
Windows 10 isolated it quickly.
I did not connect to TOR or execute the TOR update.
I ran a full scan and Windows found nothing further.
I posted the incident because of Windows description,
and the Trojans identity and location. At this point, I
think its a done deal.
That’s good to hear.
I’m glad your problem was resolved.