"Reset" does not wipe EFI system partition which may harbor rootkits.
Question malware found
- Thread starter classicaran
- Start date
- Featured
- Status
I discovered why the Caller.zip or rar was disappearing from the folder where the Caller.exe file is located. Microsoft Defender is quarantining it, accusing it of Trojan:Script/Wacatac.B!ml.
But the exe file remains in the folder and is not quarantined. It's very strange.
i send Caller.zip for Kaspersky specialist answer is clean file
DLL removed by Microsoft Defender:
Caller.exe:
folder files:
But the exe file remains in the folder and is not quarantined. It's very strange.
i send Caller.zip for Kaspersky specialist answer is clean file
DLL removed by Microsoft Defender:
Caller.exe:
folder files:
Attachments
The Caller.exe file is not malicious, only the DLL file is. The DLL file loads when you run the EXE file.I discovered why the Caller.zip or rar was disappearing from the folder where the Caller.exe file is located. Microsoft Defender is quarantining it, accusing it of Trojan:Script/Wacatac.B!ml.
But the exe file remains in the folder and is not quarantined. It's very strange.
i send Caller.zip for Kaspersky specialist answer is clean file
DLL removed by Microsoft Defender:
Caller.exe:
folder files:
- Apr 28, 2015
- 9,396
- 1
- 84,813
- 8,389
We don't know if there was a different exe, as You removed KF and its logs... that The Caller exe is not necessary the exe that triggers the dll...
Yeah but then you still need to install the updates at a later stage.
It’s annoying regardless when it happens
Just fear of breaking something; I have plenty of time.It’s annoying regardless when it happens
Was the detection of QtWebKit4.dll Malware (Trojan:Win32/Wacatac.C!ml) by Kaspersky Free and Malwarebytes Free recently added? Is this a new malware?
If any free antivirus doesn't detect a Trojan in its scan because it lacks a signature (malware database), is real-time protection also affected, failing to detect and block it?
If any free antivirus doesn't detect a Trojan in its scan because it lacks a signature (malware database), is real-time protection also affected, failing to detect and block it?
RoboMan
Level 38
Verified
Honorary Member
Top Poster
Content Creator
Well-known
High Reputation
Forum Veteran
Static (signature) and dynamic (post-execution) are two separate things. Even if an antivirus doesn't have a signature for a specific file, the antivirus' behaviour blocker or another module can intercept and block/delete the malware, and possibly revert its actions. For example, it can fail to delete it at first due to the lack of the signature in their database, but it can analyze the program's behaviour after executed and realise its malware.
So, all in all, it can fail at first and protect you at last.
High chance this should be detected by Generic Detection of Kaspersky if no Folder Exclusions was done. But in your case, likely it was excluded. If it was not excluded, the Generic Detection should tag this and the file uploaded to KSN for further analysis either by automation or analyst. After that a proper name will be given or will be remove on detection.
This was only uploaded and further analyzed by Opentip on Oct 9,2025.
There were only 10 hits that it was so low to be considered for a Virus Outbreak.
Attachments
You can read the following thread carefully with focus, it will help you
What are the names of types of malware that acess, modify, delete, or corrupt PC hdd and ssd files (Windows files and personal files, games, music, executables, ISO, IMG, RAR, ZIP, 7Z)? Does all malware have the potential to do this?
In this case, how are the malware QtWebKit4.dll (Trojan:Win32/Wacatac.C!ml), Caller.exe (DrWeb detects
Trojan.DownLoader47.36298), and Caller.exe (VBA32 detects
TrojanPSW.Rhadamanthys) classified?
Caller.exe is related with QtWebKit4.dll? in same folder
In this case, how are the malware QtWebKit4.dll (Trojan:Win32/Wacatac.C!ml), Caller.exe (DrWeb detects
Trojan.DownLoader47.36298), and Caller.exe (VBA32 detects
TrojanPSW.Rhadamanthys) classified?
Caller.exe is related with QtWebKit4.dll? in same folder
Ransomware is the type of malware that can access, modify, delete, or damage files on your computer, which is not the case with malware on your computer.
If you all want to keep answering any future posts by classicaran, that's up to you, but IMO (FWIW) this thread should probably be closed as well.
Thank you for trying @icotonev
Thank you for trying @icotonev
Sorry, you are looking for help in other forums..! This is extremely disrespectful..! This topic closes..!
www.bleepingcomputer.com
forum.eset.com
community.spiceworks.com
Question malware found in file - Page 2 - Virus, Trojan, Spyware, and Malware Removal Help
Page 2 of 2 - Question malware found in file - posted in Virus, Trojan, Spyware, and Malware Removal Help: Please read and reply to what I posted in Post #13.
Question files malware detected by defender - Microsoft Q&A
I used to use Kaspersky Free and Malwarebytes Free, but they never detected these files as malicious in their scans. Now I use Microsoft Defender. In the first full scan, it detected this file: AppData\Roaming\Secure\QtWebKit4.dll…
learn.microsoft.com
Question malware found
I ran a full scan with Microsoft Defender on my PC and it found the unique file AppData\Roaming\secure\QtWebKit4.dll (Trojan:Win32/Wacatac.C!ml). But before using Defender, I had run a full scan with Malwarebytes Free and Kaspersky Free and found nothing. Why did it detect this now? Is this type ...
forum.eset.com
Detection malware question
I ran a full scan with Microsoft Defender on my PC and it found the unique file AppData\Roaming\secure\QtWebKit4.dll (Trojan:Win32/Wacatac.C!ml). But before using Defender, I had run a full scan with Malwarebytes Free and Kaspersky Free and found nothing. Why did it detect this now? Is this...
community.spiceworks.com
Oh man! Multiple threads here and other forums for the same issue
Thank you, friends, for sharing your malware experience. I'm learning a lot about this security world.
Trojans and viruses are the same thing?
only malware type ransomware is capable of modifying, deleting, or corrupting any type of file on my PC?
The only malware found for me was QtWebKit4.dll (Trojan:Win32/Wacatac.C!ml), Caller.exe (detects
Trojan.DownLoader47.36298), and Caller.exe (
TrojanPSW.Rhadamanthys), Trojan.Win32.Agent.xcajyl, Application.Fragtor.Generic
Trojans and viruses are the same thing?
only malware type ransomware is capable of modifying, deleting, or corrupting any type of file on my PC?
The only malware found for me was QtWebKit4.dll (Trojan:Win32/Wacatac.C!ml), Caller.exe (detects
Trojan.DownLoader47.36298), and Caller.exe (
TrojanPSW.Rhadamanthys), Trojan.Win32.Agent.xcajyl, Application.Fragtor.Generic
- Status
You may also like...
-
-
Testing Orion Malware Cleaner Designed by Me- Started by Trident
- Replies: 8
-
Help Needed: Suspicious Activity & Possible Malware on Windows 10 PC- Started by Thomas Ellias
- Replies: 4
-
40+ Passwords Found in Data Breach - Help Me Understand What Actually Happened- Started by vaultedlogic
- Replies: 24
-
Testing real-time protection of antiviruses with 10.124 Sample- Started by Dexter_Morgan31
- Replies: 120