Trojen Horse Virus Detected in

I recently purchased something from codecanyon. I noticed a virus warning on the zip file that was stored in my cache as part of the attachment with my purchase receipt. I’m sure this wasn’t done on purpose, but whatever system you have that is creating your attachments to those emails may be spreading malware. I had no other way of contacting the company to let them know other than this method.

Detected Trojan Script: Trojan:Script/Wacatac.B!ml

The actual download from the site was fine and the php with the plugin seems fine. It was just the that was infected as part of the billing program.

Please contact author of the program, they may solve this problem & let you know.
Thank you

It sounds like a false positive, especially with “script” in the name as these are almost always artificial intelligence detections and in my experience they’re usually wrong. I’m pretty sure I’ve even had Windows Defender flag one of my own programs as a “Wacatac” trojan before when it was nothing of the sort :sweat_smile:

With all that said, I was not able to reproduce this. You can try uploading the contested file to VirusTotal to check if it’s a false flag, in which case only a small number of antivirus engines would detect it.

For comparison, here’s a scan of my own recent which comes back clean: VirusTotal


You are probably right. I just never get false positives and this popped up along with some other odd behavior from windows and it was creeping me out. Sometimes I forget that odd behavior is the norm for windows. Looks like this script has been reported for many false positives and the pdf did come back clean from VirusTotal. Thanks for the tip.

1 Like