Windows Security Virus Detected on Windows 98 SE Beta OS!

So I'm just downloading Windows 98 SE Beta versions, and then when the file finished downloading Windows Security Detects the following files as a virus: Microsoft Window 98 Second Edition ("Memphis" 4.10.2183A) (Beta).7z & Microsoft Windows 98 Second Edition ("Memphis" 4.10.2150A) (beta).7z

I hope WinWorld can check this so If I need to delete the files or its just something so the file can not be damaged or corrupted.

Comments

  • edited July 15

    Windows Defender on my PC didn't detect anything in the 2150A 7z from the Kansas City mirror. (IPFS wasn't working)

    What I don't get is that a custom scan of Windows Defender for a folder containing a single file does my entire partition anyway. It was quick compared to say, ClamWin but haven't you heard of the notion of obedience, Microsoft?

  • From the screenshots, it appears that WinRAR had made the detections and not Windows Defender (as WinRAR does have a built-in virus checker). Most likely a false positive, unless someone proves me wrong.

  • edited July 15

    I think that was Microsoft Edge Chromium. I've never used it but I do know that the old UWP Edge integrated with Windows Defender and would immediately delete any downloads identified as malicious.

    In that case it would be Edge + Defender checking for viruses, and not WinRAR (which just happens to be associated to 7z files). Edge wouldn't know if WinRAR itself detected anything.

  • I'm Using a opera browser cuz that's the only browser I had which didn't give me a malware from the start, but maybe your right WinRAR probably founded a virus in it and then it sends it to windows defender to block it but I hope its just a false positive in the mean time I will try to scan it to see if it detects virus on it.

  • Probably could be a false alarm by your anti-virus, or your browser. I am sure that the library doesn't have any viruses...

  • So I Found out There's Trojan both on those files and there are: Trojan:Win32/Fuery.B!cl & Trojan:Win32/Emotet.LK!ml

    and I read These two sites explaining it:1. https://malwarefixes.com/threats/trojanwin32fuery-bcl/

    1. https://www.symantec.com/security-center/writeup/2017-071312-0253-99

    I don't think the second is explaining a lot because the virus hasn't spread that much, but the first on is kinda interesting why would it be on a windows 98 SE Beta file.

    I hope the publisher of the file will find a way to delete it and try restore the OS on how it is without the trojan.

  • edited July 16

    I'm inclined to believe this is a false positive.

    I downloaded "Microsoft Window 98 Second Edition ("Memphis" 4.10.2183A) (Beta).7z", extracted it and scanned it with both Windows Defender and Avast. Neither detected any infection of the 7z file or the extracted ISO.

    The trojan(s) being identified only affect Windows XP onward, so even if it was infected, I don't see how it would be able to cause any damage unless you really, really tried.

  • Thanks Duff, I just interested on what can it affect what what machine it effected on the first place but now that I know that it will only affect windows XP I can then allow the files So I can use them on my VMware.

    Im happy that this is a false alarm and not a trojan that will afffect my computer Its just been a while since I got one, I only had virus's, trojans, ransomware on my windows 8.1 when I was not careful but now I'm safe. :) :) :) :)

  • For whatever it's worth, the 4.10.2150a build appears to be 100% identical to betaarchive's. It looks like they replaced their 4.10.2183a with a genuine CD dump, which is packaged a bit differently.

    Anyway virus scanners are bad about getting false positives. A way while back we had issues with some virus scanner flagging NT 4 server utilities, even directly off of a genuine CD.

    Does it anywhere say exactly what file in the archive it thinks has an issue? Sometimes you can report false positives to vendors, but you have to narrow it down a bit.

  • Wow even NT4 server utilities?

    Someone need to figure out why there's virus's on some OS and server utilities, from the files here and from genuine CD and check if it can be fixed so there will be no virus of some sort.

  • There are no viruses, just false positives, especially on original Microsoft CD-ROMs (Read Only Memory, so no one could have infected it along the way).

    Try reporting it to your antivirus vendor and hope they care about 20 year old software.

    The only case I'm aware of where malware has affected official MS media in some way is the ~600 MB POSReady 2009 evaluation image (not the 3-4 GB one with foreign language support and extra components). The computer on which it was built was infected though it had been largely cleaned up by build time (with the exception of a few registry entries which reference ssoexec.dll, which is not part of the OS)

Sign In or Register to comment.