Another antivirus diferent as ClamWin detected a virus on my as W32.Virut. Other antivirus as Sality.
I have a lot of files infected by the Sality virus but ClamWin detect it as good files.
ClamWin, could detect the infector file as a variant of Vundo Trojan.
When my computer was infected, I did not know ClamSentinel
I use an Windows 98 and i have installed ClamWin (of course), Clamsentinel and Spybot on my computer.
My computer hasn't a Internet Connection.
What can I do?
Sorry for may bad english! and thanks

You need an internet connection to update ClamWin. Perhaps you could update on a computer that has internet and then copy the files in the ClamWin database directory to the database directory on your computer.

If there is a virus that ClamWin does not detect, you should upload it (somehow) to Clam AV at https://www.clamav.net/lang/en/ on the web. Click on Submit A File and then click on the upload form. Clam AV furnishes the scan engine and signature database for ClamWin. They will prepare a signature in a day or two. You can submit false positives this way also.

ClamWin sometimes has false positive (wrong) detections that are not really viruses on Virut.

Regards,

Yes, I heard on this forum that had a false positive vith a variant of Virut But I think this is not my case
I think that Sality is not a false positive. The virus was detected by AVG Free ( W32/Virut) as virut, and by Kasperky and Panda Antivirus as Sality (Sality.AO)
My computer, has two operative systems and Windows XP run slow and I think I have more viruses. I will make an analysis with ClamWin from Windows 98 if there is something wrong there.
As I said earlier, my computer does not have internet connection, then update the database whenever possible, more or less once a week
Thanks for your help

Sality is a file infector that infects many files, which can make your computer slow.

With the XP operating system, get into Windows Safe Mode (restart and hit F8 every second or so when it starts booting up). When you get a screen, choose Normal/Regular safe mode and do a scan with ClamWin then. It would help to get current ClamWin signatures before starting. Set ClamWin's infected files option to Quarantine. If ClamWin has a signature for the virus files, it should detect it and quarantine them.

If you still have a problem, send me a personal message.

Regards,

Ok. I try it. Amd if I get any problem I Tell you. Ok?
Thanks for your help and have a nice day.

Hello and Good Morning.

I can't boot my Windows Xp on safe mode. A process called "services.exe", consumes a lot of resources on my PC
88% to 98%. It depends. My PC freezes and i have turn off with the "on" button. I will try to download a bootable image and i will clean my PC (if it has a virus)
I will download the new version of clamwin and the lastest database. My Windows 98 will be happy!


Thanks!

If you are unable to get into safe mode, then you most certainly have a virus. Sality is pretty nasty. If you can't detect the virus with ClamWin's updated signatures, I don't think the new version of ClamWin will help, and it might get infected.

Download the Microsoft Safety Scannert at https://www.microsoft.com/security/scanner/en-us/default.aspx. It might not work on Win 98 though. You do not have to install it--just click to run it.

Norman's Malware Cleaner will work on Win 98. It is available at https://www.norman.com/downloads/
malware_cleaner/en-us on the web. It is large, but it works very well.

If nothing helps, the ClamWin Antimalware page shows some more places to get help, including the F-Secure rescue disk. I have used it, and it is good. It is a Linux version of F-Secure, and Windows viruses can't hide from it. Download it and burn it to CD as an ISO file. It will work!

Then you can install the new version of ClamWin, and also install Clam Sentinel if you are not using it. It was originally designed for Win 98 machines. You can get it at https://sourceforge.net/projects/clamsentinel/ on the web.

Regards,

Thanks, but I have ClamSetinel on my computer it's the best solution for ClamWin. Now I have another question. Clam Sentinel dectects a diferent virus on two files User.dat and other file important for Windows 98se that I can't remember. Clam Sentinel insists to move it to quarantine but i restore it. Can be a virus?. Why?

Well, and them. My PC block when it tries to detect my DVD recorder.

Dat files do not usually contain viruses, but you can check any file out with Jotti at https://virusscan.jotti.org/en on the web or Virus Total at https://www.virustotal.com/ on the web. They will scan your file with multiple AV scanners (including Clam AV). If several other AVs besides Clam detect an infection, it is probably a real infection. I like to see 2 of these AVs detect an infection before I bleieve it: AntiVir, Bitdefender, Kaspersky, Nod32, and Sophos. You can upload false positive files to Clam AV at https://www.clamav.net/lang/en/sendvirus/ on the web. When you get to the submission page, change the submission type from "virus" to "false positive." Clam will change the signature in a few days. Until they do, you can whitelist the file in both Sentinel and ClamWin.

Neither ClamWin or Clam Sentinel should block access to your recorder, or to anything else. All they can do is report/quarantine/remove infected files. Something else must be blocking it.

Regards,