Virus Trojan:32/Wacatac.DC!ml not completely remediated on Windows PC

Thxs, I'll think about it. I'm a little reluctant to add another antivirus program (besides WD I have Emisoft and the script noted above).

Also, the problem is not finding and blocking wacatac, Windows Defender does a good job of that. I'm puzzled as why after running/deleting everything to ensure my machine is clean, the act of shutting down my computer activates it, or triggers WD to find and block it. Deleting the WD service history file was supposed to prevent a false positive, deleting all temp files (where WD says the trojan is) was supposed to ensure it was actually gone, and the script was supposed to ensure it couldn't be reactivated.

OK, thanks again. I'll give it a shot.

- - - Updated - - -

I have noted that when I restart my computer a file called unknown.log shows up in the Windows Defender Service History folder which I make sure is empty before I shut down.

It's dated at the time I shut down my computer which is also about the time that WD reports blocking wacatac. Thoughts?

Nothing in WD Service Folder at shut down. When I restarted unknown.log was there with the following content:
1446361181
2613142394
2500079355
3222978219

I'm not a computer person so this is just meaningless.

I did first close everything obvious in Task manager. Mostly about 10 or so Adobe processes. That was a surprise as well. This feels more and more like my first visit to a sausage factory.
.
I'm beginning to think that a reinstall of Windows might be less painful.

Callender: So I've had wisevector stopx installed for awhile and no reports of virus. Today when I turned on my computer it wouldn't load. I did a hard shutdown and then restarted my computer which came on as it should. Just now, WD reports it has blocked trojan win32/fuery.C!cl

Again, I have tried at least a half dozen antivirus programs. None detects these viruses except WD.

Unless you or someone else can come with a better plan, my choice now is to invoke the W10 Recovery option and reset my C Drive, or just let WD continue to block these trojans.

I only have 2 start up items: WD and my monitor profile calibration.

I also checked File Manager to look for odd items. Checked a couple out but are legit. Even so I turned them off and set them to manual.

WD does show the path. It's the same path as you show except: Temp\tmp00000071\tmp000d077

While it doesn't list the name in the path, it does name as part of the report


For now I'll just assume/hope WD is taking care of things, though the start up issue this morning makes me nervous.