I need help with a nasty virus.

[aidenbrewer09]

I recently got a virus which not only came with a bunch of adware(which i got rid of) it came with a bunch of other stuff hidden all through my pc, i got most of it though. The problem though is that i have found 2 folders in the directories C:\Users\Aiden B\AppData\Local\vmtexba and C:\Users\Aiden B\AppData\Local\vmaexrs.
The vmtexba and vmaexrs i think are viruses and i have tried many methods but i cant delete them because i do not have permission.They come up in my task manager as "Windows Task Manager"
And if i look in the task manager and go to details, the Memory is in all from the virus is around 800,000. I also think it has been disconnecting me from the internet everytime i try and use it. I have tried to reset my pc and factory reset but The button simply does nothing. I have tried to boot in to safe mode and all of that and i cant, it restarted but when I see the windows sign and it is loading up, it turns black for a second and pops back up and i think that is the virus preventing Me to get rid of it. I dont know what to do. Please help and here are a few screenshots.
https://gyazo.com/2242e6e232eec5b6d00435c21cd358b2
https://gyazo.com/1093cfe81b0174a527474a42b0aee378
https://gyazo.com/b559263d3dd8363d81ae047fa7316e2c

 

[Saga Lout]

Navigate to c:\windows\system32 and right click on the file cmd.exe. Select RunAs Administrator and when the Command Form pops up, at the prompt, type
net user Administrator /active:yes
and hit the Enter key.

Type exit and hit Enter again then restart the machine. You should now see an extra user icon named Administrator. It's the system admin with more powers and permissions than a normal User admin account and that should allow you to delete those folders.

Once you have done, run your anti-virus programme or Windows Defender if you don't have one. Download MalwareBytes from www.mawarebytes.org and see what that finds, allowing it to remove anything it doesn't like.

To turn the system admin account off, the syntax is the same except it's /active:no.

 

[aidenbrewer09]

I did that and when i click to delete it i get c:\Users\Aiden B\Appdata\Local\vmaexrs is not accessible.
Access is denied.



I am on the administrator account too

 

[aidenbrewer09]

Also i came back on my other main account and it says
You need permission to perform this action

You require permission from DESKTOP-IO1PIE0\Aiden B to make changes to this folder.

So i require permission from my self?
And only in this folder, it told me how much files there are.
12,187 but i dont have a name of one.

 

[Saga Lout]

Go back to that file and right click it to see the Properties. Under the Security tab, click on the Advanced button and see if you can tweak the settings by adding "Everyone", or at least yourself, to have full control.

 

[aidenbrewer09]

Go back to that file and right click it to see the Properties. Under the Security tab, click on the Advanced button and see if you can tweak the settings by adding "Everyone", or at least yourself, to have full control.

That didnt work either.

 

[Saga Lout]

MalwareBytes is your last option then. I wonder if you have sufficient Permissions to rename the holding folder. I've got away with that one in the past when my customers had similar problems.

The solid way of deleting it is to use a Linux system to boot the machine. Download one and use Rufus to combine it and make it bootable as a USB thumb drive. Linux isn't so precious about rights and permissions in Windows systems so the files will definitely be removed. In itself, that may cause other files to step in and take their place if the virus is well constructed but keep testing Windows between every Linux session.

Linux Mint Serena is a good one for starters.