MS defender detected it but couldn't remove it

Posted on 2006-04-02
Last Modified: 2013-12-04
Hi all

I just ran MS Defender and it found something,I checked remove all and it said action failed
but I should remove this immediatly:


any ideas on what it is and how to get rid of it?


Question by:lneilson
    LVL 17

    Accepted Solution

    It found something in a backup of your system settings, files, etc. But you cannot access that by default.

    Turn off System Restore then try to clean again. Also, you should try running another scan with the computer started in Safe Mode.

    It's a trojan of some sort... but cannot really tell you which one based on the data you've given.

    Expert Comment

    What masnrock said should work - turning off System Restore pretty much deletes all the restore points. Running the scan again is a good idea to ensure complete cleansing of the virus/spyware from whatever "remnants" might exist of the Restore archives.

    In my experience, Windows Defender has difficulty removing an infected file from an archive. Restore Points are archives, but there are other archives where you can open them (if you have the right software) and delete the problem file without deleting the entire archive, which might be something necessary or useful.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
    In a recent article here at Experts Exchange (, I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now