A note that may be related. Just throwing a PSA, but Wacatac.X!ml (replace X with another letter) is a very, very common false positive. Notice the "ml" right near the end? That stands for "machine learning". It means that Defender never encountered this "virus" before but they tagged it as such thanks to the dataset they're learning on. Usually, AV software detects viruses through:
- Signature - the AV scans your file against their database and searches for a similar copy of known viruses or malware
- Behavior - the AV detects when a file seems to do some sketchy stuff such as trying to send large amounts of data through the net or trying to delete your System32 folder
- Heuristics - the AV flags a file as a "possible" virus based on similarities with previous viruses
In our case, Defender is using heuristics-based detection for our file and they flagged it as a trojan thanks to its "experience" through ML/AI. I don't know the exact specifics of it, but Defender has a raging boner as of late for tagging some archived files like our Nope_Nope_Nope_Nope_Nurses.7z as "Wacatac.B!ml". If you're brave enough, you could try extracting the .7z file and scanning the folder. Most of the time, Defender will react to the .7z but will sleep on the actual folder. That's how it was from what I experienced a few months ago from various .zip files. Though, there is a chance it will still react to something in the folders, but from my scan, I really didn't catch anything.
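The naming point in the post above, as an added example that is not code from either poster: a small Python parser that splits Defender threat names into their parts and separates `!ml` detections from the rest. It assumes Microsoft's `Type:Platform/Family.Variant!Suffix` naming layout; the sample names in the list are constructed for the example, and the reading of `!ml` is the one given in the post.

```python
import re

# Assumed layout: Type:Platform/Family.Variant!Suffix
# Type and Platform are optional so the short form quoted in the post
# ("Wacatac.B!ml") parses as well.
NAME_RE = re.compile(
    r"^(?:(?P<type>[A-Za-z]+):)?"
    r"(?:(?P<platform>[A-Za-z0-9_]+)/)?"
    r"(?P<family>[A-Za-z0-9_\-]+)"
    r"(?:\.(?P<variant>[A-Za-z0-9]+))?"
    r"(?:!(?P<suffix>[A-Za-z0-9]+))?$"
)


def parse_threat_name(name):
    """Split a detection name into type/platform/family/variant/suffix."""
    match = NAME_RE.match(name.strip())
    if match is None:
        raise ValueError(f"unrecognised threat name: {name!r}")
    return match.groupdict()


def is_ml_detection(name):
    """True when the name carries the '!ml' suffix discussed in the post."""
    suffix = parse_threat_name(name)["suffix"]
    return suffix is not None and suffix.lower() == "ml"


def split_by_basis(names):
    """Return (ml_based, other) so ML verdicts can be re-checked first."""
    ml_based = [n for n in names if is_ml_detection(n)]
    other = [n for n in names if not is_ml_detection(n)]
    return ml_based, other


# Constructed sample detection names (not taken from a real scan log).
SAMPLE_DETECTIONS = [
    "Trojan:Win32/Wacatac.B!ml",
    "Wacatac.H!ml",
    "Virus:DOS/EICAR_Test_File",
]

if __name__ == "__main__":
    ml_based, other = split_by_basis(SAMPLE_DETECTIONS)
    print("ML-based verdicts (candidates for a rescan):", ml_based)
    print("Other detections:", other)
```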
There's a free and open-source game named "The Dark Mod" that was originally a mod for Doom 3 recreating the type of stealth and sneak gameplay of the Thief series but a few years ago was made standalone.
The download is small because it's a launcher application that will download all the files used by the game or update them to the newer versions if you want.
So once the download was made, I zipped the whole content with 7zip so I would have the whole game in my archives and wouldn't have to redownload it when I uninstall it and install it again.
To my surprise, once zipped, Defender suddenly detected my 7z archive as a Trojan, something I highly doubted considering I knew my system was clean and the Dark Mod files were all clean themselves.
After a lot of googling around, I finally found the reason: the version of 7zip I was using was an old one (from several years ago), and some people had reported similar false positive problems with other archives they created, apparently a very rare issue with its compression method that Defender falsely thought was potentially a trojan (it was not).
It was solved by simply downloading and installing the latest version of 7zip, and the archive created with the newer version wasn't falsely triggering Defender anymore.