My filé uploadded a few days ago Kaspersky free, malwarebytes free not detected Microsoft Defender detected AppData\Roaming\secure\QtWebKit4.dll (Trojan:Win32/Wacatac.C!ml).
Question malware found
- Thread starter classicaran
- Start date
- Featured
- Status
My filé uploadded a few days ago Kaspersky free, malwarebytes free not detected Microsoft Defender detected AppData\Roaming\secure\QtWebKit4.dll (Trojan:Win32/Wacatac.C!ml).
The time and effort to re-install Windows with programs, adjusting their settings, and even updating, is definitely less than that for investigating this malware 
I agree, it's getting to the point, or already has, that we, OP seems to be going in repetitive question circle time?The time and effort to re-install Windows with programs, adjusting their settings, and even updating, is definitely less than that for investigating this malware
No one can precisely assess the changes inflicted by the malware, and consequently re-install is the only safe option.
the behavior of AppData\Roaming\secure\QtWebKit4.dll (Trojan:Win32/Wacatac.C!ml) is always the same or does it change on each PC? It also goes by other names: Trojan.Win32.Agent.xcajyl, Infostealer/LummaC2, trojan.fragtor/vmprotect...?
Can it remain activated with just this DLL?
Can it remain activated with just this DLL?
What's most important is the main classification in the name, not the detailed description, for example, "Trojan." Every security product uses different names to classify it, which is unimportant to the end user.
What's important now is that your device is secure. Even if Kaspersky Free didn't detect it, it doesn't mean your device is infected. Security programs react differently. Some catch malware upon access, others upon execution, etc.
Simply run a full scan with a trusted antivirus (Kaspersky and Microsoft Defender are both good), run a 2nd opinion scanner like (KVRT, NPE, EEK), and check your user folder (Documents, Pictures, etc.) to see if it's encrypted.
That's all you need to do.
It was mentioned K did not detect the malware at the beginning.
- Apr 28, 2015
- 9,397
- 1
- 84,813
- 8,389
K. did not detect that inactive leftover dll... but We can't know if it probably blocked the attack removing the exe, since He removed K. and the logs.
It wasn't just Kaspersky Free that didn't detect this DLL in complete scan, Malwarebytes Free and Adwcleaner Free also didn't detect this DLL in their scans.
Without complete logs and doing full forensic, we can only guess. Even if it's possible, it's already a year late.
Speculation is the name of the game with unverified logs and access.
After uninstalling Kaspersky Free, is there any possibility to recover the detection and removal logs using some software to recover deleted files from SSD and HDD?
Several members offered to help him. @Trident, with his divine patience, tried to help him, but it seems he didn't listen. I suggested he post a topic in Windows Malware Removal Help & Support In post #7, he didn't care much. He asked for help but didn't accept the advice of the members and ended up ignoring the help of the members here, many of whom have experience and even decades of experience in the field and are accustomed to removing malware. But in the end, he played the superhero, and ultimately, the help offered here to the OP was in vain. He is more concerned with his ROMS and Emulators than the malware on his computer. So, it is difficult to help people like this who do not follow the advice of members who have experience in removing malware.
There's a saying...."old habits die hard"Several members offered to help him. @Trident, with his divine patience, tried to help him, but it seems he didn't listen. I suggested he post a topic in Windows Malware Removal Help & Support In post #7, he didn't care much. He asked for help but didn't accept the advice of the members and ended up ignoring the help of the members here, many of whom have experience and even decades of experience in the field and are accustomed to removing malware. But in the end, he played the superhero, and ultimately, the help offered here to the OP was in vain. He is more concerned with his ROMS and Emulators than the malware on his computer. So, it is difficult to help people like this who do not follow the advice of members who have experience in removing malware.
Yes, I saw all the answers, thank you all. I was confused because in the last posts the answers were reversed from the first answers, and I was confused about my case: this DLL detection, personal files, risk of corruption, deleting and modifying files by this malware detected in some defender, but it has already been removed after I downloaded and copied the personal files.
So what exactly is the problem and how can people still help you exactly?
Why did Microsoft Defender detect this DLL after I downloaded my 250GB files and copied them to the external hard drive? Will I need to redownload all the files because some of them might have been damaged or deleted?
When I downloaded the files and copied them, I was using Kaspersky Free, but it didn't detect this DLL in the complete scan.
It could be exclusions. Likely you excluded the download directory or where this file was downloaded on Kaspersky. Realtime and on demand will skip that. After you uninstalled K, there were no exclusions on MSD. So during transfer, Realtime saw this malware and flagged it
I had a hard time analyzing this case. But his last post made the sequence of events clearer.
- Status
You may also like...
-
-
Testing Orion Malware Cleaner Designed by Me- Started by Trident
- Replies: 8
-
Help Needed: Suspicious Activity & Possible Malware on Windows 10 PC- Started by Thomas Ellias
- Replies: 4
-
40+ Passwords Found in Data Breach - Help Me Understand What Actually Happened- Started by vaultedlogic
- Replies: 24
-
Testing real-time protection of antiviruses with 10.124 Sample- Started by Dexter_Morgan31
- Replies: 120