Virus Trojan:32/Wacatac.DC!ml not completely remediated on Windows PC


  1. Posts : 98
    Windows 10
    Thread Starter
       #11

    Ah! I did not realise you had added their details to an earlier message.

    Well, Malwarebytes is clear. The other products will be downloaded and run over the weekend.
    Last edited by Mr Morgan; 31 Jul 2020 at 16:25.
      My Computer


  2. Posts : 55
    win10
       #12

    Windows Defender has just started reporting this on my desktop. I have run Emsisoft and SpyHunter5, and neither can detect it. Is there any evidence that this is real or is it a false positive? I have dozens and dozens of PWs I recently changed. Would not want to go through that again.
      My Computer


  3. Posts : 55
    win10
       #13

    Still looking for help on this. When I turned on my computer this morning and checked Windows Defender, it reported Wacatac blocked last night about the time I shut down my PC. 2 days ago I had followed instructions provided by SpyHunter and deleted local/appdata/temp files in Safe Mode (this is where Windows Defender says the trojan file is located). Really wish someone would jump in here.
      My Computer


  4. Posts : 5,452
    Windows 11 Home
       #14

    mitrajoon said:
    Is there any evidence that this is real or is it a false positive?
    Upload the file to VirusTotal
      My Computer


  5. Posts : 55
    win10
       #15

    Thxs, but the file doesn't exist, it is deleted by Windows Defender. Also it has a different name every time. Here is what I have from yesterday: C:\Users\Jim\AppData\Local\Temp\tmp00000163\tmp000cb084

    If I am misunderstanding please let me know. Also, I found a thread that suggested deleting and turning off Restore Points. I've done that, but frankly it makes me nervous, especially with W10 updates going sideways and my own incompetence. Any thoughts on this would be appreciated.
      My Computer


  6. Posts : 685
    Windows 10 Pro 64-bit
       #16

    It looks like Defender stopped it before it was able to run. I think your doing a System Restore is what is causing it. When you went back to another time, you took a snapshot of the current time (at the time) with the trojan still on the system, so when Defender scans, I believe it is picking up the system restore image. Check your System Restore points. If you have one that is available for the date of infection, that's most likely the case. If so, delete your restore points, do a scan, and if all is good, create a new restore point.
      My Computer


  7. Posts : 55
    win10
       #17

    Thxs. I deleted all restore points, deleted temp files, did a restart, ran Defender (all clean) and then created a restore point. Ran Defender again, all clean. I've done all this before except for deleting the restore points. Oh, I also deleted my C: drive image backup (on an external drive) in case that might contain the trojan as well.

    We'll see what happens tomorrow.

    - - - Updated - - -

    Apparently this trojan becomes active when I shut down my computer. I ran Defender, Emsisoft and SpyHunter just before I shut down. All indicated no problems. When I turned on my computer this morning, I had a notification that Defender had found and blocked Wacatac about the time I shut my computer down. I will go through the process noted above tonight, carefully note the time I shut down, restart my computer, check again and note the time I shut down for the night, but I'm not optimistic.

    Can anyone help me fix this?
      My Computer


  8. Posts : 5,452
    Windows 11 Home
       #18

    Turn off computer with CCleaner and select to clean everything, except cookies.

    Additionally, run CMD as admin and copy/paste the code (it disables scripting used by malware):
    Code:
    reg add "HKLM\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f
    reg add "HKLM\Software\WOW6432Node\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f
      My Computer
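
A way to confirm that the two registry values from post #18 took effect, added here as an example and not part of the original thread. It assumes a 64-bit PowerShell session on 64-bit Windows; the probe file name `wsh-probe.js` is made up for this example.

```powershell
# Added example: read the two values written by the reg add commands above,
# then ask each script host to run a harmless probe script.
$keys = [ordered]@{
    '64-bit' = 'HKLM:\Software\Microsoft\Windows Script Host\Settings'
    '32-bit' = 'HKLM:\Software\WOW6432Node\Microsoft\Windows Script Host\Settings'
}
$hosts = [ordered]@{
    '64-bit' = "$env:SystemRoot\System32\cscript.exe"
    '32-bit' = "$env:SystemRoot\SysWOW64\cscript.exe"
}

# Constructed probe: prints one line only if the host agrees to run scripts.
$probe = Join-Path $env:TEMP 'wsh-probe.js'
Set-Content -Path $probe -Value 'WScript.Echo("WSH ran the probe");' -Encoding ASCII

$results = foreach ($view in $keys.Keys) {
    # A missing value means the setting was never written for this view.
    $value = (Get-ItemProperty -Path $keys[$view] -Name Enabled `
              -ErrorAction SilentlyContinue).Enabled

    $output = if (Test-Path $hosts[$view]) {
        # With the value set to 0 the host prints a refusal instead of the probe line.
        (& $hosts[$view] //nologo $probe 2>&1 | Out-String).Trim()
    } else {
        'host not present'
    }

    [pscustomobject]@{
        View            = $view
        RegistryEnabled = if ($null -eq $value) { 'not set' } else { $value }
        ProbeOutput     = $output
    }
}

Remove-Item $probe -ErrorAction SilentlyContinue
$results | Format-List
```

To undo the change, run the same two `reg add` commands with `/d "1"`.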


  9. Posts : 55
    win10
       #19

    Tairku:
    1) Do you mean uncheck "delete all cookies" for all browsers? I currently have delete cookies checked for Edge, Windows Explorer, Chrome and Firefox.
    2) Do you mean copy/paste and run the first CMD prompt, then do the same for the second, so that I am running two sequential commands? Or do I copy/paste them both at the same time? I'm not a computer person so I just want to be sure.

    Also the following sequence of events seems to confirm that wacatac is being triggered by shut down or start up:
    7:29 PM Defender run and reported no threats
    Turned off computer and restarted it
    7:31 PM Defender run and reported no threats
    7:40 Defender reported it detected and blocked wacatac

    I will try your method tomorrow. Just need to understand your instructions.
      My Computer
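
The manual timeline in posts #17 and #19 can be pulled from the event logs instead of being noted by hand. This is an added example, not part of the original thread; it assumes an elevated PowerShell session, English-language Defender event messages, and a 7-day look-back window chosen for illustration.

```powershell
# Added example: merge shutdown/boot events with Defender detection events
# into one time-ordered list, so the order of events is read from the logs.
$since = (Get-Date).AddDays(-7)   # look-back window (assumption)

$labels = @{
    1074 = 'Shutdown/restart requested'
    6006 = 'Event log stopped (shutdown)'
    6005 = 'Event log started (boot)'
    1116 = 'Defender detected malware'
    1117 = 'Defender took action'
}

# Pull one "Field: value" line out of a Defender event message.
function Get-Field([string]$Message, [string]$Name) {
    if ($Message -match "(?m)^\s*$([regex]::Escape($Name)):\s*(.+?)\s*$") {
        $Matches[1]
    } else {
        ''
    }
}

$events = @(
    Get-WinEvent -FilterHashtable @{
        LogName = 'System'; Id = 1074, 6005, 6006; StartTime = $since
    } -ErrorAction SilentlyContinue
    Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-Windows Defender/Operational'
        Id = 1116, 1117; StartTime = $since
    } -ErrorAction SilentlyContinue
)

$events | Sort-Object TimeCreated | ForEach-Object {
    $isDefender = $_.Id -in 1116, 1117
    [pscustomobject]@{
        Time    = $_.TimeCreated
        Event   = $labels[$_.Id]
        Threat  = if ($isDefender) { Get-Field $_.Message 'Name' } else { '' }
        Path    = if ($isDefender) { Get-Field $_.Message 'Path' } else { '' }
        Process = if ($isDefender) { Get-Field $_.Message 'Process Name' } else { '' }
    }
} | Format-Table -AutoSize -Wrap
```

The `Process` column shows which program Defender associated with the flagged temp file, which a clean on-demand scan does not report.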


  10. Posts : 5,452
    Windows 11 Home
       #20

    mitrajoon said:
    Tairku: 1) Do you mean uncheck "delete all cookies" for all browsers? I have delete cookies checked for Edge, Windows Explorer, Chrome and Firefox.
    Then it is fine. It is just that most people would mind if their logins were removed.

    mitrajoon said:
    2) Do you mean copy and paste and run the first CMD prompt, then do the same for the second, so that I am running two sequential commands?
    You can do both at once.
      My Computer


 
