AmrElsisi 0 Posted September 14, 2019 Share Posted September 14, 2019 I have virus in my pc which can't be deleted and i know it's source I've found some files in %temp% and ofc there's other viruses I'm using eset smart security premium When i delete it it says Error 0x80070091 and eset can't detect it If you want me to give you the source of this virus,I don't have a problem with that but i just need to remove it ! Link to comment Share on other sites More sharing options...
Administrators Marcos 5,235 Posted September 15, 2019 Administrators Share Posted September 15, 2019 What makes you think that your computer is infected? Having files and folders in a temp folder is not a sign of infection. Quote When i delete it it says Error 0x80070091 and eset can't detect it The above code means that the directory is not empty, e.g. might pop up when attempting to delete a temp folder with files being in use. Link to comment Share on other sites More sharing options...
AmrElsisi 0 Posted September 15, 2019 Author Share Posted September 15, 2019 (edited) 7 hours ago, Marcos said: What makes you think that your computer is infected? Having files and folders in a temp folder is not a sign of infection. The above code means that the directory is not empty, e.g. might pop up when attempting to delete a temp folder with files being in use. yes it's a virus and i can find some virus files in my pc and when i scanned it with antimalwares it detected viruses from these files and still can't delete it and when i restart the pc then go fast to %temp% i still can't delete it,Which means that my pc might be hacked I can give you the source of the virus as i told you to detect it Note : i could find some hidden files which i can't see,I saw it from exclusions It's in appdata but i couldn't delete it and i made everything visible from file explorer options and still can't see these files except from exclusions when i try to add anything Edited September 15, 2019 by AmrElsisi Link to comment Share on other sites More sharing options...
itman 1,742 Posted September 15, 2019 Share Posted September 15, 2019 Did you edit the screen shot you posted? The path shown doesn't make any sense. AppData is associated with a logged on user. For example, C:\Users\xxxxxxxx\AppData. 23 minutes ago, AmrElsisi said: when i scanned it with antimalwares it detected viruses from these files Post a screen shot of log entries, etc. these other "anti-malwares" found. And also which anti-malwares you used for scanning. Link to comment Share on other sites More sharing options...
AmrElsisi 0 Posted September 15, 2019 Author Share Posted September 15, 2019 5 hours ago, itman said: Did you edit the screen shot you posted? The path shown doesn't make any sense. AppData is associated with a logged on user. For example, C:\Users\xxxxxxxx\AppData. Post a screen shot of log entries, etc. these other "anti-malwares" found. And also which anti-malwares you used for scanning. As i said antimalwares found viruses in these files I can't see it whatever i do,Only from exclusions and this isn't important because i could remove it ! What's important is that files in %temp% because i can't remove it neither with eset nor anti-malwares And about the other viruses which in appdata,There's a screenshot and the same files name as which are in %temp% except and there's infinite files in these files in %temp% and the screenshot is below Link to comment Share on other sites More sharing options...
itman 1,742 Posted September 15, 2019 Share Posted September 15, 2019 (edited) Synaptics is a company that markets human interface hardware and software (HMI). Did you manually install such software? Was it installed when you bought the PC? As far as the MalwareBytes screen shot, you didn't show what is the malware; i.e. type, that it detected. The files are not relevant at this point. Again, we need to know what malware MalwareBytes detected. 2 hours ago, AmrElsisi said: What's important is that files in %temp% because i can't remove it neither with eset nor anti-malwares Boot into safe mode and see if you can delete the files from there. While in safe mode, also run another scan with MalwareBytes. Note that the malware could have changed permissions on the %Temp%\ directory in question to prevent your access to the directory. You will have to modify those to include your local admin account access to the directory. Make sure you allow full read/write/modify access to the directory. These should have been set automatically when you added you local admin account. If you have an Eset SysRescue disk, boot to that an run a scan. If not and you have access to another PC, read the instructions on how to create SysRescue bootable media here: https://support.eset.com/kb3509/ . It is advisable not to create SysRescue media on an infected device. Edited September 15, 2019 by itman Link to comment Share on other sites More sharing options...
AmrElsisi 0 Posted September 16, 2019 Author Share Posted September 16, 2019 (edited) 18 hours ago, itman said: Synaptics is a company that markets human interface hardware and software (HMI). Did you manually install such software? Was it installed when you bought the PC? As far as the MalwareBytes screen shot, you didn't show what is the malware; i.e. type, that it detected. The files are not relevant at this point. Again, we need to know what malware MalwareBytes detected. Boot into safe mode and see if you can delete the files from there. While in safe mode, also run another scan with MalwareBytes. Note that the malware could have changed permissions on the %Temp%\ directory in question to prevent your access to the directory. You will have to modify those to include your local admin account access to the directory. Make sure you allow full read/write/modify access to the directory. These should have been set automatically when you added you local admin account. If you have an Eset SysRescue disk, boot to that an run a scan. If not and you have access to another PC, read the instructions on how to create SysRescue bootable media here: https://support.eset.com/kb3509/ . It is advisable not to create SysRescue media on an infected device. I've tried to delete it from safe mode and still can't delete it And malwarebytes couldn't and eset couldn't And about synaptics,No i've installed a program is i said which caused these problems before buying eset Note:When i deleted these files from safe mode,It gave me the same erorr but when i click try again the folder closes automatically (Using safe mode) Edited September 16, 2019 by AmrElsisi Link to comment Share on other sites More sharing options...
itman 1,742 Posted September 16, 2019 Share Posted September 16, 2019 It is best you open a support ticket with Eset Middle East to assist you in removal of this. Link to comment Share on other sites More sharing options...
AmrElsisi 0 Posted September 16, 2019 Author Share Posted September 16, 2019 (edited) 3 hours ago, itman said: It is best you open a support ticket with Eset Middle East to assist you in removal of this. It's easy to remove it,I can install a new windows but i want eset to detect it,It's not only about removing it Changing windows can remove anything It'd be better if eset detected this new virus,Anyway,i'll contact eset middle east. Edited September 16, 2019 by AmrElsisi Link to comment Share on other sites More sharing options...
itman 1,742 Posted September 16, 2019 Share Posted September 16, 2019 1 hour ago, AmrElsisi said: It'd be better if eset detected this new virus, That's impossible to do unless we know what virus you are referring to. I have asked multiple times for you to display the virus information that Malwarebytes found. Link to comment Share on other sites More sharing options...
Recommended Posts