Bow and question

Juan Carlos Montes Senra jcmontes at
Tue Jan 8 03:20:08 CST 2008

Shachar Shemesh escribió:
> But what good is a malware study tool if the malware can trivially
> detect it's there? What if it doesn't infect the machine, but just run
> differently?
> There are Windows tools that do similar things to what you need (check
> out the sys-internals web site), where the environment is much more
> close to the real thing.
> Actually, Dan's question is the more interesting here - did the malwares
> work under wine?
> Shachar

I know that in windows we can found similar things, but with wine we can make a
first check, make a simple report, and send it to client.
Later, we can make a good manual analysis.

At the moment we can report quickly if a malware delete files, change registry...

"did the malwares work under wine?"
a lot of, :)

Think... if we dont get results, we must made a manual analysis...

Juan Carlos Montes Senra
Instituto Nacional de Tecnologías de la Comunicación
email: juancarlos.montes at | jcmontes at
Tlf. 0034 987 877 189 - ext. 532

More information about the wine-devel mailing list