Virus Detect RadSystem 4.0 (Trojan:Win32/Wacatac.B!ml)

Hello, version 4.0 is identified as a Trojan when installed by the Windows 10 antivirus and RadSystem.exe is eliminated.
False positive?

Yes, it is a false positive. Also make sure you downloaded it from the Radsystems official website.

1 Like

Thanks @willvin , mark the executable as exception and it works. Close the ticket.

1 Like

I installed v4.0 and Microsoft Defender found the following…


[Detected by Microsoft Defender Antivirus]
(Windows Security: Microsoft Defender Antivirus & More | Microsoft)

saying the following files were involved & quarantined

file: C:\Program Files (x86)\RadSystems\RadSystems.exe
file: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RadSystems.lnk
file: C:\Users\Public\Desktop\RadSystems.lnk
startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RadSystems.lnk

which now leaves it non-working…

Installing 4.0 raises this as an virus and stops the install process. This has been reported before and said to be a false positive. However, in looking up more information on this file I find it is a virus and some say a particularly bad one. From one site…“Wacatac (also known as Trojan:Win32/Wacatac) is a trojan-type infection that stealthily infiltrates computers and performs a number of malicious actions. Cyber criminals typically proliferate this malware using spam email campaigns and fake software ‘cracks’.”

Given this kind of information about the Wacatac and its variations I am hesitant to install v4.0 on my pc. What does this file do in RadSystems and is it necessary to its’ operation?

It is a false positive, and I also had my doubts about it, but in this case it is detected as wacatac because it has been detected that RadSystems Studio performs several commands at the same time. I am a client / developer of RadSystems and I have been testing it and those commands are what it uses to generate the entire project that you are creating. The commands are harmless to the operating system, but the antivirus can detect it as malware because of that detail.
The usual commands in the case of Laravel or VueJS projects are:

  • php artinsan make: model
  • php artinsan make: request
  • php artinsan make: controller
  • etc
    therefore do not worry that there is nothing wrong. I’ve been using it since it was only PHPRAD Classic, now I’m switching to RadSystems Studio, it’s super good. Several Latinos use it
1 Like

Hi @jkwrpc,

Same here, this maybe because of some automated cli command code that needed in publishing the project. Though this may be a false positive but hopefully the RadSystems will verify it and ask for whitelisting to the Antivirus Vendor as it will affect the product name.


1 Like

Below is a message from the BitDefender team, indicating the app is clean.

Hello Humphrey,

Thank you for your patience while this case was being worked on.

The confirmation from the Antimalware Department arrived and the detection will be removed in the next couple of updates since the file is clean.
This may take up to 24 hours for the Antimalware Signature to be released.
Make sure to have the Bitdefender Endpoint Security Tools properly updated.

Should you need any further information, please do not hesitate to contact us.

Have a nice day !


I know this has been discussed before, but how can I be sure this is safe when my antivirus quarantines RadSystems:

I’m hesitant to continue with this kind of detection from my antivirus. How can I be sure it is safe?

It’s a false positive its not a virus! radsystems is working on getting the software cleared! its not a virus! you can disable your antivirus and install it or you can maybe wait till its solved but its not a virus

1 Like