Forum Discussion
Question malware detected Defender for Windows 10
Why did my Microsoft Defender detect a malicious file in AppData\Roaming\Secure\QtWebKit4.dll (Trojan:Win32/Wacatac.C!ml) during a full scan
and the Kaspersky Free and Malwarebytes Free scans didn't detect it?
Was it maliciously modifying, corrupting, or deleting various files on my PC before detection? I sent it to Virus Total, the hash:
935cd9070679168cfcea6aea40d68294ae5f44c551cee971e69dc32f0d7ce14b
Inside the same folder as this DLL, there's another folder with a suspicious file, Caller.exe. I sent it to Virus Total, and only one detection from 72 antivirus programs was found, with the name TrojanPSW.Rhadamanthys.
VT hash:
d2251490ca5bd67e63ea52a65bbff8823f2012f417ad0bd073366c02aa0b3828
2 Replies
malwares found modify, delete, corrupt personal filés in PC?
Hi cloudff7,
Defender correctly detected a real trojan (Wacatac.C!ml) in QtWebKit4.dll.
The file Caller.exe is linked to Rhadamanthys, a known password-stealing malware.
Other antivirus tools likely missed it because of slower signature updates.
Recommended way would be to run a Microsoft Defender Offline scan and change all passwords. Also review startup entries and scheduled tasks for persistence.
