We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now


MS defender detected it but couldn't remove it

lneilson asked
Medium Priority
Last Modified: 2013-12-04
Hi all

I just ran MS Defender and it found something,I checked remove all and it said action failed
but I should remove this immediatly:


any ideas on what it is and how to get rid of it?


Watch Question

Distinguished Expert 2019
It found something in a backup of your system settings, files, etc. But you cannot access that by default.

Turn off System Restore then try to clean again. Also, you should try running another scan with the computer started in Safe Mode.

It's a trojan of some sort... but cannot really tell you which one based on the data you've given.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
What masnrock said should work - turning off System Restore pretty much deletes all the restore points. Running the scan again is a good idea to ensure complete cleansing of the virus/spyware from whatever "remnants" might exist of the Restore archives.

In my experience, Windows Defender has difficulty removing an infected file from an archive. Restore Points are archives, but there are other archives where you can open them (if you have the right software) and delete the problem file without deleting the entire archive, which might be something necessary or useful.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.