Page 2 of 2 FirstFirst 12
Results 11 to 16 of 16

Thread: Win32.malware.gen and W32.obfuscated.gen in Wine

  1. #11
    Join Date
    Aug 2013
    Beans
    8

    Re: Win32.malware.gen and W32.obfuscated.gen in Wine

    Then I should advice you to do not use any visrusscanner/spyware removal tool/malware removal tool.

    I know the effectiveness of virusscanners is not 100%, but because we have no alternative , we have to trust them.

    Kind regards,

    Jan Florijn

  2. #12
    Join Date
    Mar 2010
    Location
    Metro-ATL
    Beans
    Hidden!
    Distro
    Lubuntu 14.04 Trusty Tahr

    Re: Win32.malware.gen and W32.obfuscated.gen in Wine

    Quote Originally Posted by JanFlorijn View Post
    I used synaptic, searched wine, and the first hit in the description contains "megapack".
    1 character wrong leads to a completely different interpretation.

    "megapack" - something put together by a 3rd party to include everything you could possibly want and a few things you don't want.
    "metapack" - something put together by Canonical to include everything necessary for most people.

    1 character difference. A meta-package is just a package made up of other packages - all trusted. I think you are fine and seeing false positives if you truly installed a wine-meta-package.

  3. #13
    Join Date
    Jan 2009
    Location
    ::1
    Beans
    2,461

    Re: Win32.malware.gen and W32.obfuscated.gen in Wine

    Quote Originally Posted by JanFlorijn View Post
    I used synaptic, searched wine, and the first hit in the description contains "megapack".
    My Software Center says "Microsoft Windows Compatibility Layer (meta-package)". So, do you mean "meta-package" and thus not "megapack"? If so, I have that installed.

    To verify your claim, I ran a virus scanner on my harddisk, and no virus was reported (only the eicar.com-testvirus I had planted on my harddisk).
    Conclusion: I cannot confirm your claim.



    Code:
    sander@flappie:~$ sudo freshclam
    ClamAV update process started at Wed Oct 16 18:36:59 2013
    WARNING: Your ClamAV installation is OUTDATED!
    WARNING: Local version: 0.97.8 Recommended version: 0.98
    DON'T PANIC! Read http://www.clamav.net/support/faq
    main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)
    daily.cvd is up to date (version: 17964, sigs: 407063, f-level: 63, builder: guitar)
    bytecode.cvd is up to date (version: 228, sigs: 43, f-level: 63, builder: neo)
    sander@flappie:~$ 
    
    
    sander@flappie:~$ clamscan -r --infected
    /home/sander/kul/eicar.com: Eicar-Test-Signature FOUND
    /home/sander/.onzichtbaar/eicar.com: Eicar-Test-Signature FOUND
    
    ----------- SCAN SUMMARY -----------
    Known viruses: 2826015
    Engine version: 0.97.8
    Scanned directories: 4567
    Scanned files: 43989
    Infected files: 2
    Total errors: 1
    Data scanned: 2924.64 MB
    Data read: 67330.62 MB (ratio 0.04:1)
    Time: 428.869 sec (7 m 8 s)
    sander@flappie:~$

  4. #14

    Re: Win32.malware.gen and W32.obfuscated.gen in Wine

    Quote Originally Posted by TheFu View Post
    if VLC can't play it, then I don't need to hear or watch it.
    Amen.


  5. #15
    Join Date
    Aug 2013
    Beans
    8

    Re: Win32.malware.gen and W32.obfuscated.gen in Wine

    Yes, the question concerns Wine. Installing Wine and scanning the .wine map in webroot reports infections.
    At one hand:
    I must trust on Webroot. It is no program with false/positives.
    At the other hand:
    Is it correct to use Webroot and other windows security software on Wine dll's?
    Is it correct to compare the behaviour of wine dll's with dll'l in Windows?

    And if Windows security is not to be used for Wine:
    How to control security in Wine?

    Kind regards,

    JanFlorijn

  6. #16
    Join Date
    Mar 2006
    Location
    Williams Lake
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: Win32.malware.gen and W32.obfuscated.gen in Wine

    I have to say, that I'm not sure if your methodology is the correct way to go about searching for viruses. Copying the Wine directory to your windows install, leaves it open to malware that may already be resident on your Windows system.

    You may want to re-install Ubuntu-Studio using the Ext3 file system which Windows can access with a helper application, then do an in place malware scan.

Page 2 of 2 FirstFirst 12

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •