Windows Defender (for Windows 10) detects the Trojan:Win32/Rundas.B virus in a file, C\User\myuserid\Downloads\Setup_XPAD_Office.exe, right after I download it from the site of an instrument manufacturer. I contacted the manufacturer and they assure me this is a false alarm. I am thinking of removing the file from quarantine and installing the software by executing the file. I note that in https://answers.microsoft.com/en-us/protect/forum/protect_defender-protect_scanning/trojan-win32rundasplock-what-does-this-trojan-do/a89977a8-f86a-4b7b-95ef-6e6cce560c9f Bruce Hagen says one of the problems with this virus is a rootkit.
I have already done an image backup of my spare computer. I would disconnect the computer from the internet, execute \Setup_XPAD_Office.exe and then look for problems. If I find any problems, I would restore the image.
My first question is whether restoring from the image will solve rootkit problems?
My second question is what symptom would prove the virus is present, so I could convince the manufacturer there is a problem with their software? Ideally this would be something that is present on the PC, or some behavior of the PC, because mere detection by an anti-virus program isn't convincing them (and maybe they're right, maybe it is a false alarm).
[Original Title: Trojan:Win32/Rundas.B]