"W32/Graftor.RK.gen!Eldorado" -- False Possitive?

Fearseed
Newbie
Posts: 1
Joined: Sat Jan 23, 2021 6:47 pm

"W32/Graftor.RK.gen!Eldorado" -- False Possitive?

Post by Fearseed »

OMG, I haven't seen anything like this.

Using F-Prot Free edition for Linux, I used the command:

sudo /opt/f-prot/fpscan /home/horus/ --all --maxdepth=50 --archive=25 --adware --applications --verbose=1 --output=/home/horus/bitdefender/f-prot_log/f-prot-scan.log --disinfect

F-Prot version info:

F-PROT Antivirus CLS version 6.7.10.6267, 32bit (built: 2012-03-27T12-34-14)
FRISK Software International (C) Copyright 1989-2011
Engine version:   4.6.5.141

The following output from the log is heavily redacted, omitting irrelevant I/O Errors and "Unscannables"; etc...

[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/winhlp32.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/winhlp32.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/wbem/wmic.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/wbem/wmic.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/clock.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/clock.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/dism.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/dism.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/dplaysvr.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/dplaysvr.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/dpnsvr.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/dpnsvr.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/dpvsetup.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/dpvsetup.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/dxdiag.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/dxdiag.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/explorer.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/explorer.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/fsutil.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/fsutil.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/ipconfig.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/ipconfig.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/msiexec.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/msiexec.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/msinfo32.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/msinfo32.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/net.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/net.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/oleview.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/oleview.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/progman.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/progman.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/reg.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/reg.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/regedit.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/regedit.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/regsvr32.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/regsvr32.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/taskkill.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/taskkill.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/tasklist.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/tasklist.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/uninstaller.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/uninstaller.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/view.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/view.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/wineboot.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/wineboot.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/wineconsole.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/wineconsole.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/winefile.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/winefile.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/winemine.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/winemine.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/syswow64/wscript.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/syswow64/wscript.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/winhlp32.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/winhlp32.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/windows/command/start.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/windows/command/start.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.wine/drive_c/Program Files (x86)/Windows Media Player/wmplayer.exe
[Failed to disinfect]	/home/horus/.wine/drive_c/Program Files (x86)/Windows Media Player/wmplayer.exe
[Found security risk] <W32/Tibs.R.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.PlayOnLinux/wineprefix/SWTOR/drive_c/windows/system32/mshta.exe
[Failed to disinfect]	/home/horus/.PlayOnLinux/wineprefix/SWTOR/drive_c/windows/system32/mshta.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.PlayOnLinux/wineprefix/SWTOR/drive_c/windows/system32/dplaysvr.exe
[Failed to disinfect]	/home/horus/.PlayOnLinux/wineprefix/SWTOR/drive_c/windows/system32/dplaysvr.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.PlayOnLinux/wineprefix/SWTOR/drive_c/windows/system32/dpvsetup.exe
[Failed to disinfect]	/home/horus/.PlayOnLinux/wineprefix/SWTOR/drive_c/windows/system32/dpvsetup.exe
[Found security risk] <W32/Tibs.R.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.PlayOnLinux/wine/linux-x86/5.22/lib/wine/mshta.exe
[Failed to disinfect]	/home/horus/.PlayOnLinux/wine/linux-x86/5.22/lib/wine/mshta.exe
[Found security risk] <W32/Tibs.R.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.PlayOnLinux/wine/linux-x86/5.12/lib/wine/mshta.exe
[Failed to disinfect]	/home/horus/.PlayOnLinux/wine/linux-x86/5.12/lib/wine/mshta.exe
[Found security risk] <W32/Tibs.R.gen!Eldorado (generic, not disinfectable)> 	/home/horus/.PlayOnLinux/wine/linux-amd64/5.22/lib/wine/mshta.exe
[Failed to disinfect]	/home/horus/.PlayOnLinux/wine/linux-amd64/5.22/lib/wine/mshta.exe

All 'detections' say the same thing: "W32/Graftor.RK.gen!Eldorado"

Picking a single file for an online malware scan using VirusTotal https://www.virustotal.com, I scanned a single file to determine if it's a 'false-positive'; or not.

The file I scanned online at VirusTotal: winhlp32.exe

/home/horus/.wine/drive_c/windows/winhlp32.exe

The following two pictures (attached, via 3rd party hosting), demonstrate the results of the scan of winhlp32.exe:

(1) [image]
(2) [image]

I've been using the free version of F-Prot in Linux for a number of years. I would say it's not known for having a lot of false-positives.

Even when I do get a positive, I sometimes use ClamAV, BitDefender [free Linux version], or an online scanner (like VirusTotal), to verify if it's a real malware infection; or not...

Not being a networking security expert, I'm lost for words; I've never seen so many hits from VirusTotal on a single file before. I'm used to seeing a couple display a possible false-positive, but never on so many engines at once.

I installed both Wine and PlayOnLinux recently [both the latest versions], to play Star Wars -- The Old Republic [SWTOR] on my laptop.

I rarely get a reported infection from anti-malware software; it's almost always a false-positive. In this situation, I don't know what to think. I'm not an experienced Wine user, and a novice networking security user. I don't know what to think.

Not being the 'hacker' or 'programmer' type, my hands are up in the air; if it's a false-positive, I can usually determine that solo in a few minutes. In this case, I have no idea what to do.

Searching for 'trojan' in the forums, I came up with a couple of threads that do not seem relevant for this situation; citing possible false-positives in an *.msi file, and ClamAV reporting a false-positive "win.trojan.ramnit".

Linux Kernel: 5.10.7-3

OS: Manjaro Linux [Arch] x64

Other system information: [image]

I welcome any comments, suggestions, etc... Thank you!
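Added example, not part of the original post and not code from F-Prot or WineHQ: a small Python parser for the fpscan log lines quoted above. It groups the hits by detection name and by Wine prefix (the directory that contains `drive_c`), which makes it easy to see that every flagged path is a Wine-shipped system binary inside a prefix or inside the PlayOnLinux Wine install tree, before picking individual files to check on VirusTotal. The sample lines are copied from the post; the exact line format (`[status] <name (qualifier)>` followed by a tab and the path) is inferred from those lines and is an assumption about fpscan output.

```python
"""Summarise F-Prot fpscan detections by signature and by Wine prefix.

Added example; the log format below is inferred from the lines quoted
in the forum post and is an assumption about how fpscan writes its log.
"""
import re
from collections import defaultdict
from pathlib import PurePosixPath

# "[Found security risk] <W32/Name (generic, not disinfectable)> \t/path"
# "[Failed to disinfect]\t/path"
LINE_RE = re.compile(
    r"^\[(?P<status>[^\]]+)\]\s*"
    r"(?:<(?P<name>[^ >]+)(?:\s+\((?P<qual>[^)]*)\))?>)?\s*"
    r"(?P<path>/.*)$"
)

# Sample input: lines copied from the post, plus one constructed
# "[Unscannable]" line to show that non-detection rows are ignored.
SAMPLE_LOG = """\
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> \t/home/horus/.wine/drive_c/windows/syswow64/winhlp32.exe
[Failed to disinfect]\t/home/horus/.wine/drive_c/windows/syswow64/winhlp32.exe
[Found security risk] <W32/Graftor.RK.gen!Eldorado (generic, not disinfectable)> \t/home/horus/.wine/drive_c/windows/winhlp32.exe
[Failed to disinfect]\t/home/horus/.wine/drive_c/windows/winhlp32.exe
[Found security risk] <W32/Tibs.R.gen!Eldorado (generic, not disinfectable)> \t/home/horus/.PlayOnLinux/wineprefix/SWTOR/drive_c/windows/system32/mshta.exe
[Failed to disinfect]\t/home/horus/.PlayOnLinux/wineprefix/SWTOR/drive_c/windows/system32/mshta.exe
[Found security risk] <W32/Tibs.R.gen!Eldorado (generic, not disinfectable)> \t/home/horus/.PlayOnLinux/wine/linux-x86/5.22/lib/wine/mshta.exe
[Failed to disinfect]\t/home/horus/.PlayOnLinux/wine/linux-x86/5.22/lib/wine/mshta.exe
[Unscannable]\t/home/horus/some/other/file
"""

NO_PREFIX = "(no drive_c: Wine install tree or other location)"


def parse_fpscan(text):
    """Return one dict (status, name, qual, path) per line that matches LINE_RE."""
    rows = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.rstrip())
        if m:
            rows.append(m.groupdict())
    return rows


def prefix_root(path):
    """Return the Wine prefix directory (parent of drive_c), or None if the
    path is not inside a prefix (for example the lib/wine install tree)."""
    parts = PurePosixPath(path).parts
    if "drive_c" not in parts:
        return None
    return str(PurePosixPath(*parts[: parts.index("drive_c")]))


def summarise(text):
    """Group 'Found security risk' rows by signature name and by prefix,
    and count how many of them also have a 'Failed to disinfect' row."""
    rows = parse_fpscan(text)
    found = [r for r in rows if r["status"] == "Found security risk"]
    failed = {r["path"] for r in rows if r["status"] == "Failed to disinfect"}
    by_name = defaultdict(set)
    by_prefix = defaultdict(set)
    for r in found:
        by_name[r["name"]].add(r["path"])
        by_prefix[prefix_root(r["path"]) or NO_PREFIX].add(PurePosixPath(r["path"]).name)
    return {
        "total": len(found),
        "not_disinfected": sum(1 for r in found if r["path"] in failed),
        "by_name": {k: sorted(v) for k, v in by_name.items()},
        "by_prefix": {k: sorted(v) for k, v in by_prefix.items()},
    }


if __name__ == "__main__":
    summary = summarise(SAMPLE_LOG)
    print(f"{summary['total']} detections, {summary['not_disinfected']} not disinfected")
    for name, paths in summary["by_name"].items():
        print(f"  {name}: {len(paths)} file(s)")
    for root, names in summary["by_prefix"].items():
        print(f"  {root}: {', '.join(names)}")
```

To run it over a real log, replace `SAMPLE_LOG` with the contents of the `--output` file from the fpscan command. Because fpscan reports the same binary once per prefix, grouping by prefix collapses the long list in the post into a handful of distinct file names, which are then the candidates to compare against the copies shipped with the installed Wine version.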