MS defender detected it but couldn't remove it

Hi all

I just ran MS Defender and it found something,I checked remove all and it said action failed
but I should remove this immediatly:

C:\systemvolumeinformation\-restore{93E92BA8-09C7-4DE1-9B39-8FE34AC0FD1A}\RP390\A0029859.EXE->(WISE0009)

any ideas on what it is and how to get rid of it?

thanks

lneilson
lneilsonAsked:
Who is Participating?
 
masnrockCommented:
It found something in a backup of your system settings, files, etc. But you cannot access that by default.

Turn off System Restore then try to clean again. Also, you should try running another scan with the computer started in Safe Mode.

It's a trojan of some sort... but cannot really tell you which one based on the data you've given.
0
 
ggunnigleCommented:
What masnrock said should work - turning off System Restore pretty much deletes all the restore points. Running the scan again is a good idea to ensure complete cleansing of the virus/spyware from whatever "remnants" might exist of the Restore archives.

In my experience, Windows Defender has difficulty removing an infected file from an archive. Restore Points are archives, but there are other archives where you can open them (if you have the right software) and delete the problem file without deleting the entire archive, which might be something necessary or useful.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.