[Wine] ClamAV thinks Wine contains a rootkit?

John Drescher drescherjm at gmail.com
Thu Sep 30 07:18:36 CDT 2010

> Anyone wanna explain why ClamAV thinks Wine has a rootkit in it?
> It finds "mountmgr.sys" and "usbd.sys" as "BC.Heuristics.Rootkit.B"
> This is not altered Wine.. or even used... but it happens just pure straight up compile from source Wine even if its never been ran.... its finding them in the fakedlls folder.
> I have not tried on Linux, only on Mac OS X, using the ClamAV 0.96.2 base

I think this was discussed a week or so ago and concluded that this
was a detection false positive.


More information about the wine-users mailing list