clamav_report_301110_160240_BCHeuristicsRootkit.B-9.MV FOUND
glow259


Joined: 30 Apr 2007
Posts: 0
Yes, I know. But unfortunately the hard drive in my new Windows Vista Home Premium 64-bit PC with an AMD Athlon quad processor toasted itself after only 1 1/2 years of use, and it is back at the factory (under the original warranty) to have a new hard drive installed. I still have my Dell year-2000 desktop PC with the components listed below, for simple internet use till I get my PC back.

OS: Windows 98 2nd edition
Browser: Firefox version 2.0.0.20 - 52nd version down from the latest



Re: clamav_report_301110_160240_BCHeuristicsRootkit.B-9.MV FOUND

I just finished scanning and found this report. How do I remove the infection?

Thanks for your help.
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
This could very well be a false positive. Those Clam heuristics are subject to detecting an infection when the file is not really infected. The only way to tell for sure is to upload the "infected" file to either Jotti at http://virusscan.jotti.org/en on the web or to VirusTotal at http://www.virustotal.com/ on the web. Either service will scan a file with multiple antivirus programs, including ClamAV, which furnishes the scan engine and signature database for ClamWin. If at least a couple of these AVs see an infection, I usually believe it: AntiVir, Bitdefender, Kaspersky, Nod32, and Sophos. If a couple of the larger AVs like McAfee, Microsoft, or Trend Micro see an infection, that is also a good indication that it is real, but they can be a bit slow with the signatures, as they don't rely on heuristics as much as some of the other AVs.

If the file turns out to be a false positive, upload it to Clam AV at http://www.clamav.net/lang/en/sendvirus/ on the web. When you get to the upload form, be sure to check the "false positive" designation, and tell the exact name of the virus that is falsely detected in the comments section.

You may be interested in the Clam Sentinel add-on program at http://sourceforge.net/projects/clamsentinel/ on the web, which enables you to scan in real time with ClamWin. It was originally written for Windows 98 computers but works fine on XP, Vista, and Windows 7 as well. You must install ClamWin before you install Clam Sentinel.

Regards,
glow259


Joined: 30 Apr 2007
Posts: 0
GuitarBob wrote:
This could very well be a false positive. Those Clam heuristics are subject to detecting an infection when the file is not really infected. The only way to tell for sure is to upload the "infected" file to either Jotti at http://virusscan.jotti.org/en on the web or to VirusTotal at http://www.virustotal.com/ on the web. Either service will scan a file with multiple antivirus programs, including ClamAV, which furnishes the scan engine and signature database for ClamWin. If at least a couple of these AVs see an infection, I usually believe it: AntiVir, Bitdefender, Kaspersky, Nod32, and Sophos. If a couple of the larger AVs like McAfee, Microsoft, or Trend Micro see an infection, that is also a good indication that it is real, but they can be a bit slow with the signatures, as they don't rely on heuristics as much as some of the other AVs.

If the file turns out to be a false positive, upload it to Clam AV at http://www.clamav.net/lang/en/sendvirus/ on the web. When you get to the upload form, be sure to check the "false positive" designation, and tell the exact name of the virus that is falsely detected in the comments section.

You may be interested in the Clam Sentinel add-on program at http://sourceforge.net/projects/clamsentinel/ on the web, which enables you to scan in real time with ClamWin. It was originally written for Windows 98 computers but works fine on XP, Vista, and Windows 7 as well. You must install ClamWin before you install Clam Sentinel.

Regards,




Thank you!

I'm not so sure if I did the right thing. I went to the 2 recommended sites and uploaded to each of them the file at C drive > Program Files > Clamwin > bin > clamav_report_301110_160240_BCHeuristicsRootkit.B-9.MV FOUND, and it came out negative from both sites. On the other hand, if I uploaded the wrong one, would the scan give me an error message? The reason I ask is that I'm used to going to the quarantine folder, where I think it should be. Do I make sense? Below is the actual report; it shows the location where I think the file should be uploaded from, and I could not access this: "c:\WINDOWS\OPTIONS\CABS\NET9.CAB: BC.Heuristics.Rootkit.B-9.MV FOUND". Please advise before I jump to the "false positive" conclusion. Thanks!

Data read: 7.15 MB (ratio 1.00:1)
Time: 20.380 sec (0 m 20 s)


Scan Started Tue Nov 30 15:09:12 2010
-------------------------------------------------------------------------------

WARNING: Can't open file c:\WINDOWS\WIN386.SWP: Permission denied

c:\WINDOWS\OPTIONS\CABS\NET9.CAB: BC.Heuristics.Rootkit.B-9.MV FOUND

----------- SCAN SUMMARY -----------
Known viruses: 852121
Engine version: 0.96.4
Scanned directories: 2082
Scanned files: 22577
Infected files: 1
Data scanned: 4039.59 MB
Data read: 3940.94 MB (ratio 1.03:1)
Time: 3155.640 sec (52 m 35 s)


Scan Started Tue Nov 30 18:58:40 2010
-------------------------------------------------------------------------------

c:\WINDOWS\OPTIONS\CABS\NET9.CAB: BC.Heuristics.Rootkit.B-9.MV FOUND


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

2) Re: Clam Sentinel add-on program

I downloaded it and I'm new to it. I have a desktop icon which I click to open it, and an icon appears at the bottom right where the time, ClamWin, etc. are. Do I leave it there and let it run by itself while I'm using the PC and/or on the web? Or do I run it manually as a choice and exit the program? Please advise on its most effective use. Thank you!
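The confusion in the post above is between the report file and the file the report names: on a clamscan/ClamWin report, the path before ": <signature> FOUND" is the flagged file, and that is the object to hash or submit for a second opinion, not the report. As an added example (not from the thread, ClamWin or ClamAV), this Python parser extracts the flagged paths, access warnings and summary from a report in that format and marks heuristic signatures, which deserve confirmation before anything is quarantined:

```python
import re

# Constructed sample in the layout of the report pasted in the thread (same
# path, signature and summary values as the poster showed; not the whole log).
SAMPLE_REPORT = r"""Scan Started Tue Nov 30 15:09:12 2010
-------------------------------------------------------------------------------

WARNING: Can't open file c:\WINDOWS\WIN386.SWP: Permission denied

c:\WINDOWS\OPTIONS\CABS\NET9.CAB: BC.Heuristics.Rootkit.B-9.MV FOUND

----------- SCAN SUMMARY -----------
Engine version: 0.96.4
Scanned files: 22577
Infected files: 1
"""

# "<path>: <signature> FOUND": the path is the flagged file, not the report.
FOUND_RE = re.compile(r"^(?P<path>.+?): (?P<sig>\S+) FOUND\s*$")
WARN_RE = re.compile(r"^WARNING: Can't open file (?P<path>.+?): (?P<reason>.+)$")
SUMMARY_RE = re.compile(r"^(?P<key>[A-Za-z ]+): (?P<value>.+)$")


def parse_report(text):
    """Split a ClamWin/clamscan report into detections, warnings and summary."""
    detections, warnings, summary = [], [], {}
    in_summary = False
    for raw in text.splitlines():
        line = raw.rstrip()
        if line.startswith("----------- SCAN SUMMARY"):
            in_summary = True
            continue
        if in_summary:
            m = SUMMARY_RE.match(line)
            if m:
                summary[m["key"]] = m["value"]
            continue
        m = FOUND_RE.match(line)
        if m:
            sig = m["sig"]
            # ClamAV heuristic hits carry "Heuristics." in the signature name,
            # e.g. the bytecode signature BC.Heuristics.Rootkit.B-9.MV here.
            detections.append({"path": m["path"], "signature": sig,
                               "heuristic": "Heuristics." in sig})
            continue
        m = WARN_RE.match(line)
        if m:
            warnings.append({"path": m["path"], "reason": m["reason"]})
    return {"detections": detections, "warnings": warnings, "summary": summary}


def files_to_verify(report):
    """Paths flagged only by heuristics: get a second opinion on these first."""
    return [d["path"] for d in report["detections"] if d["heuristic"]]
```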
glow259


Joined: 30 Apr 2007
Posts: 0

3) While I have your attention, please advise on the best combination of freeware/open-source programs that work well with ClamWin. Below are the 3 programs installed on my Windows 98 Second Edition.


1) Sygate Personal Firewall 5.6 build 2808 - I found out just now that this firewall was acquired by Norton, and therefore no updates are available, as it is obsolete.

2) Spybot - Search and Destroy 1.6.2.46 - this one is updated regularly, but it's getting too big for my Windows 98. If I run it, it takes time to open up, and my free system resources drop to a dangerous 37% when scanning. Do I really need this program?

3) SpywareBlaster 4 Version 4.4 (prevents the installation of potentially unwanted software; from Javacool Software) - this one is updated regularly too, and I have no problem with it.


Thank you !
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
You will need to upload the actual real file in question to either Jotti or VirusTotal (I like Jotti) to check what other AVs say about it. They can do nothing with just a scan report or another file. If the file is a real Windows file, you may lose access to your operating system if you quarantine it or remove it from the Windows directory. See if you can do an online scan of your computer at the Bitdefender site at http://www.bitdefender.com/scanner/online/free.html on the web. If you can scan your computer there, the scan is very reliable.

I recommend that you do not use Spybot Search & Destroy. In my opinion, it has not kept up with technology and is not as good as it was several years ago. You may have to take whatever firewall you can get, because software for Win 98 machines is getting scarce. Actually, Win 98 is fairly safe--not many viruses target it directly now. SpywareBlaster is good--it uses no memory and gives some extra protection. There is an article from Clam Sentinel about getting extra protection at http://clamsentinel.sourceforge.net/MaxSentinel.html on the web. There is also a Sentinel Simple Guide at http://clamsentinel.sourceforge.net/SentinelSimpleGuide.html on the web.

If you see the Sentinel badge icon in your system tray, it is operating. You will see the icon light up a bit when it is scanning. You can configure Sentinel by either right-clicking or left-clicking on the icon. For now, make sure you have enabled the Setting to Run Clam Sentinel upon startup. Read the Simple Guide before you do anything else. Configuration is done via the Settings and Advanced Settings. You may just want to wait until the next version (1.15) before configuring the setting to Monitor System For New Malware if the messages bother you too much. You will be able to stop the messages but still monitor for unknown malware in version 1.15 which is now in testing.

Regards,
glow259


Joined: 30 Apr 2007
Posts: 0
GuitarBob wrote:
You will need to upload the actual real file in question to either Jotti or VirusTotal (I like Jotti) to check what other AVs say about it. They can do nothing with just a scan report or another file. If the file is a real Windows file, you may lose access to your operating system if you quarantine it or remove it from the Windows directory. See if you can do an online scan of your computer at the Bitdefender site at http://www.bitdefender.com/scanner/online/free.html on the web. If you can scan your computer there, the scan is very reliable.

I recommend that you do not use Spybot Search & Destroy. In my opinion, it has not kept up with technology and is not as good as it was several years ago. You may have to take whatever firewall you can get, because software for Win 98 machines is getting scarce. Actually, Win 98 is fairly safe--not many viruses target it directly now. SpywareBlaster is good--it uses no memory and gives some extra protection. There is an article from Clam Sentinel about getting extra protection at http://clamsentinel.sourceforge.net/MaxSentinel.html on the web. There is also a Sentinel Simple Guide at http://clamsentinel.sourceforge.net/SentinelSimpleGuide.html on the web.

If you see the Sentinel badge icon in your system tray, it is operating. You will see the icon light up a bit when it is scanning. You can configure Sentinel by either right-clicking or left-clicking on the icon. For now, make sure you have enabled the Setting to Run Clam Sentinel upon startup. Read the Simple Guide before you do anything else. Configuration is done via the Settings and Advanced Settings. You may just want to wait until the next version (1.15) before configuring the setting to Monitor System For New Malware if the messages bother you too much. You will be able to stop the messages but still monitor for unknown malware in version 1.15 which is now in testing.

Regards,



Thank You!

I do not know any other way to locate and upload the real file in question to Jotti, aside from the report file, and if it is a real Windows file, I cannot touch it. Bitdefender only scans Windows 2000 and up. I guess the only solution is to reinstall my Windows 98 SE, if there is no alternative available? On the other hand, my Dell desktop still runs well, going on 11 years now. So, I'm thinking of going for a compatible Linux distribution with a partitioned Windows 98 SE, instead of the other way around.

After diligent searching, I was able to install "Tiny Personal Firewall" Engine 2.0.9, Driver version 2.0.8. I could not install free ZoneAlarm because of DLL issues: "Could not load the DLL library c:\windows\TEMP\120110114112\vsutil.dll. One of the library files needed to run this application cannot be found." If I'm right, this is about the Registry. I notice similar error messages for other free online security software that I'm not able to install. I'm familiar with several free-trial online services that automatically scan a PC's health, including the Registry, and make repairs, including driver update analysis that also installs the latest drivers available. It's too good to be true, and with chances of glitches I cannot afford to have.

I also now have WinPatrol and Clam Sentinel along with my SpywareBlaster. I also ran across 98/ME Smoker 1.2 at http://download.cnet.com/98-ME-Smoker/3000-18487_4-49045.html, which I was able to install and wish I had known about before. My Windows 98 SE runs like new now. So overall, I'm happy that my no-longer-supported Win 98 SE's life is extended.

I jumped from this OS to Windows Vista Home Premium only because there were no new PCs with Windows XP available to me in 2007. Meanwhile, I just got my problematic Win Vista back from having the hard drive replaced after only 1 1/2 years; it was a brand new top-of-the-line replacement (with a "quad-core processor designed for high and intense video gaming", which I'm not into) for the same brand-name PC previous to this, where I've been having display problems - continuing video card issues that extended to this brand new replacement - and 2 motherboard replacements.

I chose to keep the other issues mentioned above together here in this post, as I would be spreading myself too thin if I opted for new posts for some of them in order to help others. I hope I have not taken much of your time, and thank you for your patience and assistance.

Have a good day and a good Holiday.

neiani
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
According to the scan report, the file in question is located at c:\WINDOWS\OPTIONS\CABS\NET9.CAB on your computer. See if you can find the file, and if so, copy it to your quarantine directory and try to upload it from there. If you can't see it, see if you can change your Control Panel, Folder Options, View to show hidden files and not hide extensions and protected operating system files. You may be able to see, copy, and upload then.

I have Vista but think it is a dog. I will upgrade to Windows 7 next year on this machine (laptop). Only problem is, I may need a bit more memory.

Clam Sentinel Version 1.15 will probably be released this weekend. It has been tweaked to give a bit better detection, fewer false positives, and more user control over the heuristic System Monitor.

Regards,