
Trojan horse Downloader Zlob.UAQ in Clamwin Portable 0.92 & Sumatra Portable 0.8

leofort7
Trojan horse Downloader Zlob.UAQ in Clamwin Portable 0.92 & Sumatra Portable 0.8

Discussion moved here: https://portableapps.com/node/11334

Learning about portable apps gave me a fresher perspective in using my hard drive. Upon first installing all apps that came with the suite, I made use of all the apps and everything was normal.

I use my portable hard drive on at least three computers--one desktop at home, one desktop at the office and my notebook. All desktops & the notebook have XP SP2 as OS and have been constantly updated on-line. I have a full suite of AVG Home Internet Security at home while the office has its own set of antivirus software. This morning, I noted that AVG got hold of this trojan horse above in Sumatra Portable 0.8 as well as in Clamwin Portable 0.92. I tried using my portable hard drive at home and noted the same finding. My PrevX2 anti-malware indicator at home even turned red upon seeing this same trojan horse.

Both earlier releases of Clamwin & Sumatra Portables did not give me these problems. Could anyone help me iron this out? I am not so much of a techie but understand that I need to surf safe all the time--I hate viruses, malware, etc. adversely affecting PCs I use anywhere and I would not want the same thing to happen to others.

Meanwhile, I just have to delete Clamwin & Sumatra from my portable hard drive.

Jimbo
Also worth getting a "second opinion"

Best thing you can do when you get something like that is submit the file to http://www.virustotal.com/ where they will scan it with over 30 different AV products. If only one of them shows it as malware, it is almost certainly a false alarm, and you should report it as such to your AV company. If half a dozen or more of them agree about it, then it quite likely is a fairly new virus, and you should do a FULL scan of your computer with one of the apps that does detect it to make sure that you're not further infected.

Also, some AV software will work better if you don't delete the virus, but allow a full scan to identify it and then clean it. For example, if it finds a randomly named dll or exe that scans as being a virus, it will then look for that file name in various registry keys and clean it from there, too. If you just delete the file manually, the junk in the registry can be left behind.

Edit: Note though, that the two apps that you name are almost certainly not to "blame" for this. If the infection is genuine, they are probably just victims of it.

And... a quick Google for zlob.uaq turns up exactly one hit - a report of a false positive from AVG's heuristic scanner, so I would definitely suggest using VirusTotal to check them out in future.
