Removal of threat Trojan: Status FAILED (Remediation incomplete)


  1. Posts : 2
    Wondows 10
       #1

    Removal of threat Trojan: Status FAILED (Remediation incomplete)


    Windows Defender recently indicated I had "severe" threats. They identified these as Trojans, with full details, and informed me in a note below that these were identified and removed by Defender's antivirus. However, Protection History is showing one as " Remediation incomplete" after I clicked on "take action" , with status :"failed" and warnings of danger. I find Microsoft's "communication skills" ambiguous and contradictory. Another "severe threat" item, after "take action" is chosen, is shown as "Removed or restored". What does that mean? I WANT it removed---NOT restored! There is no other "Action "option once the initial one has supposed to have been affected, even if it is shown as "Failed". Just to confuse the issue further, "Security at a glance" shows all the green boxes ticked and "no action needed".
    Even more confusing, I had run a quick scan, a full scan, and a custom scan and they all told me that there were "no current threats", then went on to say "1 threat found"! I also did an "offline" scan, which is supposed to find threats that the others miss, but I have no idea whether it did or not, as it simply restarts your Computer, spends half an hour or more scanning, then disappears from the screen without apparently showing any report or results, and restarts the Computer to back where you started.
    With another Trojan that it had declared "quarantined" (for once something reassuring) I was given an "action" option, and I selected REMOVE (the other option was Restore). However, in a further act of inexplicable ambiguity, the same item came up again in a later scan, showing this time as "Removed or Restored" (so I am hoping that means the other item already labelled "removed or restored" has actually been removed, but I cannot be sure!
    Finally, late last night, I did ANOTHER FULL SCAN (took 4hours 43 minutes) which produced a report showing "no current threats" and ALSO "ZERO threats found." It also reported virus and threat settings and ransomware protection as "no action needed" and security intelligence as up to date. So far as Defender is concerned, it is telling me I have no problems. Yet, under Protection History, I STILL have: "Remediation Incomplete "
    Detected: Trojan:Script/Sabsik.FL.A!ml
    Status: Failed
    This App or threat might not be completely remediated.
    This is program is dangerous and executes commands from an attacker.
    Can anybody help with reassurance? All attempts on the web I have made to search for advice ONLY bring up info. that sometimes Defender flags up "false positives," and they suggest complex methods of how to remove the message! (Much like "shooting the messenger" so you don't have to hear the message!") What they DONT address is what to do if it is NOT a false positive and Defender has NOT removed this known virus as it claims to do.
    Can anybody help with reassurance or advice. please? Mike 707 Windows Version 22H2 (OS Build 19045.4291)
      My Computer


  2. Posts : 4,631
    several
       #2

    You could get a second opinion. Free one time scan Free Online Virus Scanner and Anti-Malware Software | ESET
      My Computer


  3. Posts : 804
    Windows 10 Pro
       #3

    Download and try Malwarebytes free.
      My Computer


  4. Posts : 2
    Wondows 10
    Thread Starter
       #4

    SIW2 said:
    You could get a second opinion. Free one time scan Free Online Virus Scanner and Anti-Malware Software | ESET
    Thanks. Ran ESET Premium (30 day free trial). Detected nothing. Will keep checking--with Defender set to also do periodic checks. Also free Malwatebytes detected nothing. But PROTECTION History STILL showing REMEDIATION INCOMPLETE (Status:Failed)!
      My Computer


  5. Posts : 327
    Windows 10
       #5

    Just get Avast

    you should checkout some other tools like

    Wireshark - Monitor packets
    Netlimiter - Monitors "most" connections
    Last edited by Daymin; 4 Days Ago at 15:36.
      My Computer


  6. Posts : 6,914
    22H2 64 Bit Pro
       #6

    It's likely scanning it's own history so clear defender history. Note: If you're working on something when you run this then save because a safe mode reboot will be initiated.

    ClearDefenderHistory | Clear Windows Defender History Files
      My Computer


  7. Posts : 50
    Win10
       #7

    Daymin said:
    Just get Avast

    you should checkout some other tools like

    Wireshark - Monitor packets
    There are many instances where Wireshark is the answer but I am not sure this is one of them.

    It is a brilliant tool that can aid troubleshooting massively but without some sort of idea what network connection[s] you specifically want to capture all you will do is end up with an enormous file that will require a lot of filtering just to get basic information from if you are lucky.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 18:49.
Find Us




Windows 10 Forums