[Wine] ClamAV thinks Wine contains a rootkit?
James Mckenzie
jjmckenzie51 at earthlink.net
Thu Sep 30 09:30:02 CDT 2010
doh123 <wineforum-user at winehq.org> wrote:
>Sent: Sep 29, 2010 10:37 PM
>To: wine-users at winehq.org
>Subject: [Wine] ClamAV thinks Wine contains a rootkit?
>
>Anyone wanna explain why ClamAV thinks Wine has a rootkit in it?
>
>It finds "mountmgr.sys" and "usbd.sys" as "BC.Heuristics.Rootkit.B"
>
>This is not altered Wine.. or even used... but it happens just pure straight up compile from source Wine even if its never
>been ran.... its finding them in the fakedlls folder.
>
This was discussed last week and the determination is that it is a false positive from ClamAV. At least we can confirm that as that rootkit does not run on the Mac, as far as I can determine.
>I have not tried on Linux, only on Mac OS X, using the ClamAV 0.96.2 base
Can you report this to ClamAV?
James McKenzie
More information about the wine-users
mailing list