This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 78%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EO%3C/text%3E%3C/svg%3E)
Windows Defender has detected the Trojan:Win32/Wacatac.B!ml
I started the scan with MS Safety Scanner, it took about 24 hours to complete the full scan.
During the scan, I can see that it shows about 250 infected files. However, the result, shows that everything is correct, see below.
Is it normal or a limitation of the tool?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 81%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERA%3C/text%3E%3C/svg%3E)
No, if you trust this file and allow it, then Microsoft Defender will only ignore this file and it will detect and remove other .exe files if they are being detect as malware. In case you run scan and it shows everything is fine and only mark this file as allowed (which you did), then you are good to protected.
If you believe the .exe is safe, you may submit it to Microsoft as incorrect detection, so they could check and if it consider as safe, then remove it from detection:
https://www.microsoft.com/en-us/wdsi/filesubmission
This is a known issue that during scan, it will find files which is suspicious of being malware , however as scan goes on and check those files, it will find out they are safe. The main result is the final one and if it shows you are safe, then you are good to go and you may ignore the message during scan.
In case, you are suspect of malware infection, you may run scan with Microsoft Defender Offline too:
https://support.microsoft.com/en-us/windows/help-protect-my-pc-with-microsoft-defender-offline-9306d528-64bf-4668-5b80-ff533f183d6c
I did like this:
This is odd to me as the first Defender claims that the system has :Trojan:Win32/Wacatac.B!ml:
When running the scanner, it shows that everything is fine. Any thoughts or insights ...?
When you check the history of Windows Defender, does it still show this malware?
If yes, what is the status?
If it is not in the history, it might have been removed.
You may run a full scan with Windows Defender again and see what is the result.
Yes, it still shows in Defender history as an "Allowed" threat. Actually, it's an exe file that I created using VB.Net in Visual Studio and it's a very basic Windows Forms application. Since I know it's not a malicious code, I trusted it and allowed it.
.Exe files other than Microsoft will be considered as malware?