[Wine] Re: I have a very nasty virus on wine...

oiaohm wineforum-user at winehq.org
Sun Sep 25 20:46:28 CDT 2011

There is the universal window virus sledhammer.  Clamav can be altered to be paranoid.  Its a exe dll or contain any macros delete can be set to be marked as a virus and deleted by creating virus signatures to this effect.

Since exe and dll are not Linux binary you can set it to paranoid and not blow you feet completely out from out of you.

On windows running clamav paranoid will kill you since it basically deletes everything that is windows.

Islevi this is Linux there are far more effective ways to getting rid of the problem.  Scorched earth policy.  Check the system core against the packages it was installed from.  Check the configuration files to rule out tampering.

Basically scorch earth all MS windows releated parts from the Linux system.

http://www.clamav.net/lang/en/faq/pua/  scripts from here is also possible.

Mind you scorched earth policy also applies to Linux Servers that are infected as well.  Anything that cannot be confirmed as clean is removed.

This is why kernel.org is taking so long to bring back on line.  The Linux world nature is do not mess around with virus or malware we want them dead and gone.

Lot of cases Linux differences to windows that effect wine do slow down virus spreed in wine. 

For those running as root.  The worse case I have seen giving support was to a person running wine as root.  The windows virus could not tell the difference between a PE file and a ELF file thought both were executables so infected the lot yes the ELF files patched completely incorrectly so rendered non operating.  Result vmlinux yes the boot image of Linux was virus damaged so Linux would not boot at all same with every other Linux executable and script.  Clean install was the only option.

Basically you are bonkers running Wine as root you are playing Russian rollete with your system.

wacossusca34 user separation is an option.  clamav runtime scanning or other runtime scanning where wine is.  Please note this is not perfect some viruses will slip threw.

Finally don't do internet access to toxic locations like bittorrent providing non legal content.  Legal provides of torrents I have never ever see a virus come from one of those sources.  So you must be playing somewhere that you should not be.

I don't mean to be mean there is a lot of legal above board ways to get content or at least in away that has low risk.

One low risk way is downloading video clip from youtube and using vlc to cut the audio off into a mp3 file.  Not like youtube is going to tolerate viruses.  Basically start thinking of other locations you could get what you are getting bittorrent stuff from.  Of course this depend on country if doing this is 100 percent legal.

Better slightly illegal and away from virus pricks than slightly illegal hanging out with virus pricks.  Really  I don't feel sorry for you wacossusca34 its basically if you lay down with dogs expect to get up with fleas. 

Best thing you can do wacossusca34 is associate with a better crowd because to be infected the way you were you are most likely hang out with the wrong crowd.

More information about the wine-users mailing list