Click here to Skip to main content
15,895,557 members
Search within:


Resolving virus-infected computer
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
virus
HI! CAN ANYBODY HELP ME!!! While i was trying to copy a non-executable virus called "Virus.Win32.VB.lr" The name of the file is the same as what it called. Then i try to scan it with ClamAV then unexpectedently, the virus executed. I try to turn on kaspersky again to check if it is a virus, then it is true! I quickly choose the advanced disinfiction mode to remove this virus. But then i realised that my background changed and my clock is also changed. My clock is not showing **:** AM/PM but now show **:** riesyha/riesyha. Can i know how the virus change my clock from displaying **:** AM/PM to **:** riesyha/riesyha.

Thanks! :)

What I have tried:

I tried to use the kaspersky feature which is "Microsoft Windows Troubleshooting" to fix the clock but it didn't work. Only when i change the region in the windows settings then it worked.
Posted
Updated 11-Jan-21 4:33am
Add a Solution

2 solutions

Congratulations!
You have been playing with viruses on a live system and you have been bitten by one.

Quote:
I know this is hard and also very complicated but i still want to do it. So thats why from now i am downloading all possible viruses that i can find. Right now i have a part of them. Which is actually from VXHeaven. I try to use md5 scanning method but doesn't work. So i learn another method which is the virus signature itself. But i also learn that is was possible only in C, C++ And i am still learning VB. C, C++ is so complicated!


Reformat your hard disk, and reinstall Windows from a clean source. And then either stop playing around with viruses - this is a damn good idea - or wait until you have both enough technical experience in your chosen language and the basic "working on viruses" knowledge to know to use a sandbox or VM rather than a live machine.

I suspect you are trying to write your own "virus scanner" or "antivirus", but you disabled your virus scanner to play with live viruses on your live system: you are an idiot, and you should have expected this to happen. You have no idea how many other viruses you have "installed" and a reformat and reinstall is the only sensible way to get back to a "clean" system. Remember that you also get MBR viruses, so you'll need to clean that as well.
 
Share this answer
 
Posted
Comments
Abraham Tinonahon silitonga 20-Jan-21 23:03pm    
Ya, i know that i shouldn't play with viruses, but the only thing that make me confuse is that how can the virus execute even though is not an executable? I tried that on a win xp Virtual Machine. But it have several errors that a .ocx file is missing. It's not a false error. When the virus execute itself, It didn't show up any error message but only 1 MDI App with 2 windows inside containing someone's picture. After i closed it, I suspect that the virus is still in my computer. Although i scan with all the antivirus i can download.

And by the way, How did you know about i get a MBR Virus. I don't see that my Master Boot Record is infected when i tried to scan it using the bootrec command. Oh ya, one more thing that i wan't to ask:

Is there any way to speed up the time when i try to restart or shutdown.

I actually search it on google and i found and download the file and scan it with kaspersky Internet Security but didn't show any threat, so i run it. But then, everything goes crazy, command prompt is disabled and including the registry editor.

And now, my taskbar did look like the old tablet mode in windows 10 1809. I tried to see if tablet mode is enabled but is not. All the app icons has a lot of space.

So can you please help me with these.
Abraham Tinonahon silitonga 20-Jan-21 23:09pm    
By the way, why did you say Congratulations?!
OriginalGriff 21-Jan-21 3:26am    
If you have to ask, you wouldn't understand - or you wouldn't like the answer.
Well, if you had any sense, you would NOT have been playing around with viruses on your live machine that you need.

You do it on virtual machines that you can snapshot and roll back. That way, you always start with a known clean machine. The virus cannot make the jump from the VM to your live machine. Well, not unless you do REALLY ostupid things.

Oh, and just copying a file infected with a virus will NEVER execute the virus. Scanning the file with a virus scanner will NEVER execute the virus. You have to launch the infected file for the virus to be executed.

You messed up. You really have no choice but to wipe your machine and rebuild from scratch.
 
Share this answer
 
Posted
Comments
Abraham Tinonahon silitonga 20-Jan-21 23:08pm    
Oh about that one, i think that i tried to use clamAV to scan the file and showed that the file was clean. So i tried to make a new database and add the file. But then when i tried to use the database to scan the file again using clamAV, It finish scanning and the virus execute. I check where the virus location is but then i saw that it was the same directory where i keep it. The original file name was Virus.Win32.VB.LR

It was not an executable. I check it using command prompt and explorer but both of them show that it execute with the file name was not an executable.
Dave Kreskowiak 20-Jan-21 23:18pm    
The only way to get a virus to execute is to launch it as code. Scanning it with a virus scanner will NOT do that. Copying the file into a database will NOT do that. Just reading the file will NOT do that.

It MUST be specifically loaded as code and executed. Now, if your machine is already infected with the virus, it's already running as part of the system, hooked into I/O functions in Windows, which CAN infect files and spread the virus without you knowing it, just by reading them.

Seriously, wipe the machine and start from scratch. Next time you want to play with a virus, ALWAYS do it in a virtual machine. The virus running in on virtual machine cannot impact or infect the host machine.
Abraham Tinonahon silitonga 21-Jan-21 4:32am    
How about the thing that i heard about anti-vm? What about it?
Abraham Tinonahon silitonga 21-Jan-21 4:34am    
And also, i will start it from scratch and reinstall it as soon as my kaspersky license expires. Which is in 28/11/2021.
Abraham Tinonahon silitonga 21-Jan-21 4:38am    
Because i don't know if my kaspersky account saves my license so i tried to save my files and try to reinstall windows and use the cloud installation option. By the way, i don't really know how dangerous a Visual Basic Virus is. I think that the virus should not have any related things with the main system like the CMOS memory and the BIOS.
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
How to resolve errors in developers tools section in browser
How to resolve system.indexoutofrangeexception
How to resolve this error
Resolve host name from IP
Unable to deploy VB.NET app on client computer
How to resolve uncaught runtime errors
Could not resolve host: api-3t.sandbox.paypal.com
Nest.js cannot resolve dependencies
[Resolved] codeigniter4 sweetalert not firing
MVC problem, please help me to resolve

Advertise
Privacy
Cookies
Terms of Use
Last Updated 11 Jan 2021
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web03 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900