Virus Trojan:32/Wacatac.DC!ml not completely remediated on Windows PC

Page 1 of 5 123 ... LastLast

  1. Mr Morgan
    Posts : 98
    Windows 10
       New #1

    Virus Trojan:32/Wacatac.DC!ml not completely remediated on Windows PC


    Can anyone assist?

    Earlier today a .zip file was downloaded onto my Windows 10 PC which contained a Trojan:32/Wacatac.DC!ml virus. I am not sure if the virus was run or not but it was detected by Windows Security.

    As a precaution I have performed a System Restore in Windows but I still see the following message in Windows Security (allowing for some security details to be blacked out):

    Virus Trojan:32/Wacatac.DC!ml not completely remediated on Windows PC-annotation-2020-07-30-225820.png


    The only Action allowed for the above is Allow and all the affected items, as can be seen above, appear to be in the Downloads folder.

    Neither Windows Defender or Malwarebytes indicate a problem in the Downloads folder, but can anyone suggest a tool that I can use to verify that the virus has been removed?

    Also, is it possible for me to seek to clear the warning above, and does anyone know how that can be done?

    Thanks

    Mr Morgan.
      My Computer
    Quote Quote

  3. Samuria
    Posts : 8,113
    windows 10
       New #2

    OPen task Manager can be opened in a number of ways, but the simplest is to select Ctrl+Alt+Delete, and then select Task Manager. On the Processes tab, select Details to see the PID, along with other useful info.
    Some kernel errors may cause delays in Task Manager's graphical interface.

    look for the pid 2664 when you find it right click and find file location
      My Computer
    Quote Quote

  4. Mr Morgan
    Posts : 98
    Windows 10
    Thread Starter
       New #3

    I have just checked Task Manager and there is no such PID as shown below. I am uncertain if this is good or bad.

    100%x
    Attached Thumbnails Attached Thumbnails Virus Trojan:32/Wacatac.DC!ml not completely remediated on Windows PC-annotation-2020-07-30-232025.png  
      My Computer
    Quote Quote

  6. OldNavyGuy
    Posts : 1,862
    Windows 10 Pro 2004 20H1
       New #4

    Search for the zip file th_6288130648311.zip and upload it to VirusTotal for a second opinion scan.

    Then delete it.

    I would suggest running the following two tools.

    Emsisoft Emergency Kit -

    Emsisoft | Emergency Kit: Free Portable Malware Scan and Removal

    Run the "custom" scan and check the box to include a search for rootkits.

    Hitman Pro -

    Scan and Remove Malware | HitmanPro and HitmanPro Alert Download
      My Computer
    Quote Quote

  7. Jacee
    Posts : 1,604
    Win 10 home 20H2 19042.1110
       New #5

    This is a "Backdoor" trojan. Read about it here: Trojan:Win32/Wacatac.D!ml - Virus Lists and Removal Steps

    These are the most dangerous, and most widespread, type of Trojan.

    Backdoor Trojans provide the author or ‘master’ of the Trojan with remote ‘administration’ of victim machines. Unlike legitimate remote administration utilities, they install, launch and run invisibly, without the consent or knowledge of the user. Once installed, backdoor Trojans can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log activity on the computer and more.

    If your computer was used for online banking or has credit card information on it, all passwords should be changed immediately to include those used for email, eBay and forums.
    You should consider them to be compromised.
    They should be changed by using a different computer and not the infected one, if not an attacker may get the new passwords and transaction information.

    Banking and credit card institutions should be notified of the possible security breech.
      My Computers
    Quote Quote

  8. Mr Morgan
    Posts : 98
    Windows 10
    Thread Starter
       New #6

    I am currently running a Malwarebytes full system scan and will follow that with Windows Defender and ESET Online.

    If nothing is found, and this PC was upgraded to the latest version of Windows today, I will deem everything to be alright.

    Passwords and other such data are not stored on the PC in question.
      My Computer
    Quote Quote

  9. OldNavyGuy
    Posts : 1,862
    Windows 10 Pro 2004 20H1
       New #7

    Jacee said:
    If your computer was used for online banking or has credit card information on it, all passwords should be changed immediately to include those used for email, eBay and forums.

    You should consider them to be compromised.
    The threat was stopped by Defender, so it did its job.
      My Computer
    Quote Quote

  10. OldNavyGuy
    Posts : 1,862
    Windows 10 Pro 2004 20H1
       New #8

    Mr Morgan said:
    I am currently running a Malwarebytes full system scan and will follow that with Windows Defender and ESET Online.
    I would also run these mentioned above -

    Virus Trojan:32/Wacatac.DC!ml not completely remediated on Windows PC
      My Computer
    Quote Quote

  12. Mr Morgan
    Posts : 98
    Windows 10
    Thread Starter
       New #9

    @OldNavyGuy: Are you referring to other products in addition to Malwarebytes, Windows Defender, and ESET?
      My Computer
    Quote Quote

  13. OldNavyGuy
    Posts : 1,862
    Windows 10 Pro 2004 20H1
       New #10

    I am.
      My Computer
    Quote Quote

 

  Related Discussions
I think I got a virus/trojan help please
in AntiVirus, Firewalls and System Security

I used my external hard drives on work pc to copy some software and music However after I plugged them in my laptop, I notices something weird All my folders in at the root of the hdd was converted to shortcuts, opening shortcut takes a little...
Virus Scan Trojan Occamy.c?
in AntiVirus, Firewalls and System Security

So i rarely do any virus scans since I try to make sure to be careful when clicking on things on my dell xps laptop. Well i recently was looking at a site think like ebay... where i was hovering over a picture and accidentally dragged that picture...
How to completely disable windows update virus
in Windows Updates and Activation

Dear all. I do not consent to the general idea my computer would be safer if I change software setup every day (updating). After my 20+ years of computer usage NO virus has of yet been discovered by a "virus protection" software before buying an...
How do I remove trojan virus from my windows 10?
in AntiVirus, Firewalls and System Security

I too got a trojan horse virus PSW.Biopsy A. AVG found it but when I run it it can't find it; but I keep getting notices to run my AVG for windows. I am updated with my AVG, so how come it can notify me that it sees it but that it can't find it when...
VulkanRT -- Trojan? Virus? How Do I Safely Remove It?
in AntiVirus, Firewalls and System Security

173855 I believe I may have a malicious threat called VulkanRT. Above is the list of files in a folder called VulkanRT. I have not clicked on any of them. A site called Malwareless lists this as a Trojan. Even though the files are all dated...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 14:50.
Find Us




Windows 10 Forums