Yesterday my son asked for help with a suspicious file in a subfolder of the Windows folder after he tried a patch for one of the programs he uses. The file WFXLOAD.EXE could not be deleted not because it was in use by any process but because after deletion it came back again. There were also two registry entries associated that couldn't be deleted by the same reason. I decided to do a scan with Prevx that ended with no detections. Then I tried the manual cleanup. Here Prevx began detecting this file as malware and cleaned the file and the registry entries but they came back as before. Prevx ended with a message stating that was unable to remove the malware and suggesting contact with support, what i did. Until now no response. Meanwhile I recall to try deletion in safe mode and I successfully get rid of the file. My question is: Why wasn't Prevx able to clean the file? Since I got to do it in safe mode? Was the file a real threat? How did it manage to be undeletable?