Glad to help!
Windows Defender reports malware, but cannot remove it.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
Windows Defender reports malware, but cannot remove it. Event Viewer shows attempts, Defender "start actions" does not remove malware and a scan reveals the same threats. Event Viewer says Defender had a critical issue, throws 0x80508032.
Have run FRST and have the two resulting log files, need help in figuring out what to do next.
Windows for home | Windows 10 | Security and privacy
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
9 answers
Sort by: Most helpful
-
Anonymous
2024-02-19T17:08:21+00:00 That would seem to be the case- will run the Safety Scanner tool. Thanks- will reply with results.
-
DaveM121 886.7K Reputation points Independent Advisor2024-02-19T16:49:14+00:00 That folder should be able to be deleted in Safe Mode.
The best option now may be to download the Microsoft Safety Scanner and run a full scan with that, in case the malware is affecting Defender's functionality.
-
Anonymous
2024-02-19T16:46:03+00:00 Thanks, Dave, for the quick response. Followed your instructions, cleaned out the \quarantine folder no problem. However, there is a file in the *\scans\Service\ folder (Detections.log) that cannot be deleted as it is "...open in another program." I am in Safe Mode. Any idea what may have this file open? Is in the antimalware service?
-
DaveM121 886.7K Reputation points Independent Advisor
2024-02-19T16:17:09+00:00 Hi, I am Dave, I will help you with this.
1
Start Windows in Safe Mode.
Open File Explorer, then on the View menu at the top, temporarily turn on 'Hidden Items'.
Navigate to this folder: C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service
Delete the contents of that Service folder.
Navigate to this folder:
C:\ProgramData\Microsoft\Windows Defender\Quarantine
Delete the contents of that Quarantine folder.
Close File Explorer.
2
Restart Windows in normal mode.
Open Defender and select the option to perform an offline scan, your PC will restart to perform that scan.
Then check if that malware list is clear.