Virus Threat Positive: Mal/Generic-S

Open forum for end-user questions about Wine. Before asking questions, check out the Wiki as a first step.
Forum Rules
Locked
deevine
Newbie
Newbie
Posts: 1
Joined: Thu Feb 20, 2020 9:57 am

Virus Threat Positive: Mal/Generic-S

Post by deevine »

During wine install on ubuntu 18.04 I got this alert from Sophos AV:

Threat Mal/Generic-S detected in file opt/wine-stable/libwine/winemine.exe.dpkg.
File is still infected... multiple alerts

What is this? Can anyone advise on how to test files and resolve for any false positives...?
This comes on top of the trouble I had adding bionic main repository on ubuntu 18.04, which forced me to add xenial main repository instead...
jkfloris
Level 12
Level 12
Posts: 3136
Joined: Thu Aug 14, 2014 10:10 am

Re: Virus Threat Positive: Mal/Generic-S

Post by jkfloris »

I wouldn't worry so much about the virus notification if you use WineHQ's Wine packages.
Occasionally Wine gives false positives. You could report them to Sophos if you like.

It's much weirder that you had to add the xenial repository. Because which version of Ubuntu do you use now? Bionic or Xenial?
Right now you have made your own new version.
What is the output of:

Code: Select all

grep -R ^deb /etc/apt/sources.list*
mrDBUG
Level 1
Level 1
Posts: 5
Joined: Thu Apr 30, 2020 6:06 pm

Re: Virus Threat Positive: Mal/Generic-S

Post by mrDBUG »

I also get this virusreport on Sophos ! I upgraded to the wine-devel version instead and now I get no report from Sophos
but " Gen:Variant.Razy.613260 " from 12 other engines .. ! :? :?

Greets Dag !
Gcenx
Level 6
Level 6
Posts: 709
Joined: Mon Dec 25, 2017 12:11 pm

Re: Virus Threat Positive: Mal/Generic-S

Post by Gcenx »

False positives, this started once wine began the transition over to PE binaries.

As wine now provides basically “fake” windows binaries Anti-Virus don’t always verify the binaries fully they just flag them.

Even after I rebuild mingw-binutils with Protons patches I still get false positives VirusTotal
mrDBUG
Level 1
Level 1
Posts: 5
Joined: Thu Apr 30, 2020 6:06 pm

Re: Virus Threat Positive: Mal/Generic-S

Post by mrDBUG »

ahh ! Cool ! Thanks for assurance !
mrDBUG
Level 1
Level 1
Posts: 5
Joined: Thu Apr 30, 2020 6:06 pm

Re: Virus Threat Positive: Mal/Generic-S

Post by mrDBUG »

Hello !

Another false positive ?

"cacls.exe" on wine 5.0.2 ! Odd that it was only that file my Sophos reacted on ?

https://www.virustotal.com/gui/file/54f ... /detection
Locked