Virus Detection in Clamtk

Hello Ladies and Gentlemen!

I have made a Scan with Clam and it detects a Virus called Win.Virus.Expiro in 7 Files. I tested it with virustotal.com and the Virus was only detected by Clam and no other. So, it could be only a false-positive Thing but for Security I deleted my Zorin Partition and will do a new Install.

3 Files were in the /var/lib/repo/objects/ Path and 1 in the /var/lib/flatpak/org.gnome, org.freedesktop Path and 2 in the org.kde Path.

Maybe it is a false Alarm but I thought it could be a good Idea to write it down here to inform You. I don't know if others have that too.

3 Likes

Looks like a Windows Virus from 2011, could be false positive. I think you are wise to re-install and re-check with clam. Just ran a Clam AV scan on my root and nothing came up for 16.3 Lite.

2 Likes

Were the warnings related to "PUA"? ClamAV is known to throw up false-positives there.
Have you seen FAQ:

1 Like

Yes, the PUA Stuff I know too. That I have with LibreOffice Macro Files. That are shown as PUA's. But a Virus Detection was new for me I must say. And it was a Windows Virus so deep in the Linux System ... I deleted the Partition. I made a Scan on Windows for the Case that there should be some Stuff got and the Scan was okay.

I will make a new Install of Zorin 17.1 and scan again and look what comes. But definitely a bit strange.

Just in case you find something odd, they have dedicated contacts to report false positives and things like that. I've never heard back from them, but I assume they are monitoring this :sweat_smile:

https://www.clamav.net/contact

1 Like

Thank You. If I should have it again I will send it to them.

1 Like

A little Update:

I installed Z17.1 new, updated the System and scanned it again and ... negative. Nothing was found.

Theoretically I could now say ''All is good'' but the paranoid One in me was not convinced. So, I decided temporarily to try/use another Distro. But I must think about what Distro I choose. I had made Mint on a Stick and wanted to install it but the Cinnamon Desktop ... is still not mine.

But then comes to my Mind that KDE releases her new Plasma 6 Desktop. So, I could try KDE Neon. I'm not a Plasma Guy too, but maybe the new Version get me; who knows.

The one and only time I ever had a virus, malware, or the combination of the two on Linux, was through Windows APP installs through WINE. This was just another reason for me to stop using Windows APPS on Linux.

I began to ask myself, why am I holding onto what once was? I told myself, you're on Linux now dude, start acting like it, and install and run made for Linux native software, like Gimp, and Kdenlive. No need for any of this virus/malware ridden Windows trash.

Since making that decision, I haven't run across any viruses since. Regarding what ClamAV was throwing up though for you, that does indeed sound like a false positive. But I always give respect for those who err on the side of caution, vs those who throw all care to the wind and hope for the best. So good on you for being thorough.


1 Like

I don't use Wine or Bottles too because my Goal was to go away from Windows. But I'm in the comfortable Situation that I don't need to use it because I don't use any special Programs that are only available for Windows.

1 Like

ough anbox just went into archive. waydroid is the only option now

To give a new Update:

I tried KDE Neon but ... I saw that I'm still not a Plasma-Guy. I find it better than in the Past, but ... to use it ... I don't get a Flow with it. But that is only my personal Problem. I don't want to say that Plasma is a bad Desktop.

So, now I'm back on Zorin. I'm still landing here again, haha! I installed it, updated it and scanned it and nothing was detected like the first fresh Installation.

2 Likes

Same here. I just... Plasma kills me. I do not want to denigrate it ever but I do not believe I could ever get the hang of using it. It drives me up every available wall and across the ceiling.

3 Likes