I have a very nasty virus on wine...
-
- Level 1
- Posts: 7
- Joined: Mon Aug 15, 2011 1:44 pm
Like the title says, I have a very nasty virus on Wine. I swear I've also encountered this same one (a few months ago) on a separate Vista machine. I have a virus that does not seem to be doing anything, and stopped working after an 'X' reboot. However, it did try to execute a modified version of winlogo.exe (Windows logon executable), but we all know you can't log onto a Linux system with Wine.
So ever since it went dormant, the ONLY issue I've been having is with BitTorrent (and that is not much of an issue since I now use a different torrent manager): it just lags a lot, and takes forever to process a single click into the application.
I can run much more complicated applications on Wine, such as Spore, a Windows game including GLSL rendering, and I'm surprised a game like this runs under a virus without an issue. (It's awesome!)
I'm just asking if I should be worried about this. I also want to remove it anyways, and is there a way I can protect my Wine from malicious software before things like this happen?
Thanks.
On Sat, Sep 24, 2011 at 11:06 AM, wacossusca34 <[email protected]> wrote:
> Like the title says, I have a very nasty virus on Wine. I swear I've also encountered this same one (a few months ago) on a separate Vista machine. I have a virus that does not seem to be doing anything, and stopped working after an 'X' reboot. However, it did try to execute a modified version of winlogo.exe (Windows logon executable), but we all know you can't log onto a Linux system with Wine.
> So ever since it went dormant, the ONLY issue I've been having is with BitTorrent (and that is not much of an issue since I now use a different torrent manager): it just lags a lot, and takes forever to process a single click into the application.
> I can run much more complicated applications on Wine, such as Spore, a Windows game including GLSL rendering, and I'm surprised a game like this runs under a virus without an issue. (It's awesome!)
> I'm just asking if I should be worried about this. I also want to remove it anyways, and is there a way I can protect my Wine from malicious software before things like this happen?
> Thanks.
1. Delete your wine prefix
2. Do not run anything under wine using root, su or sudo
3. Install clamav in linux - this will protect against windows viruses but not malware.
4. Use a linux native bittorrent client. There are many good ones.
John M. Drescher
Re: I have a very nasty virus on wine...
http://wiki.winehq.org/FAQ#head-3cb8f05 ... 4e305a0459
wacossusca34 wrote: I'm just asking if I should be worried about this. I also want to remove it anyways, and is there a way I can protect my Wine from malicious software before things like this happen?
Delete the wineprefix and run a virus scan on your home directory. And in the future, be more careful.
-
- Level 3
- Posts: 62
- Joined: Tue Aug 02, 2011 1:12 am
-
- Level 1
- Posts: 7
- Joined: Mon Aug 15, 2011 1:44 pm
- SpawnHappyJake
- Level 5
- Posts: 272
- Joined: Sun Feb 06, 2011 5:57 am
There is the universal Windows virus sledgehammer. Clamav can be altered to be paranoid. Anything that is an exe or dll, or contains any macros, can be set to be marked as a virus and deleted by creating virus signatures to this effect.
Since exe and dll are not Linux binaries, you can set it to paranoid and not blow your feet completely out from under you.
On Windows, running clamav paranoid will kill you, since it basically deletes everything that is Windows.
Islevi, this is Linux; there are far more effective ways of getting rid of the problem. Scorched earth policy. Check the system core against the packages it was installed from. Check the configuration files to rule out tampering.
Basically, scorch earth all MS Windows related parts from the Linux system.
http://www.clamav.net/lang/en/faq/pua/ Scripts from here are also possible.
Mind you, scorched earth policy also applies to Linux servers that are infected as well. Anything that cannot be confirmed as clean is removed.
This is why kernel.org is taking so long to bring back online. The nature of the Linux world is: do not mess around with viruses or malware; we want them dead and gone.
In a lot of cases, the differences between Linux and Windows that affect Wine do slow down virus spread in Wine.
For those running as root: the worst case I have seen while giving support was a person running Wine as root. The Windows virus could not tell the difference between a PE file and an ELF file; it thought both were executables, so it infected the lot. Yes, the ELF files were patched completely incorrectly and so rendered non-operating. Result: vmlinux, yes, the boot image of Linux, was virus damaged, so Linux would not boot at all; same with every other Linux executable and script. Clean install was the only option.
Basically, you are bonkers running Wine as root; you are playing Russian roulette with your system.
wacossusca34, user separation is an option. Clamav runtime scanning, or other runtime scanning where Wine is. Please note this is not perfect; some viruses will slip through.
Finally, don't do internet access to toxic locations like bittorrent providing non-legal content. Legal providers of torrents: I have never ever seen a virus come from one of those sources. So you must be playing somewhere that you should not be.
I don't mean to be mean; there are a lot of legal, above-board ways to get content, or at least in a way that has low risk.
One low-risk way is downloading a video clip from YouTube and using vlc to cut the audio off into an mp3 file. Not like YouTube is going to tolerate viruses. Basically, start thinking of other locations you could get what you are getting bittorrent stuff from. Of course this depends on country if doing this is 100 percent legal.
Better slightly illegal and away from virus pricks than slightly illegal hanging out with virus pricks. Really, I don't feel sorry for you, wacossusca34; it's basically if you lay down with dogs, expect to get up with fleas.
Best thing you can do, wacossusca34, is associate with a better crowd, because to be infected the way you were, you are most likely hanging out with the wrong crowd.
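Added example, not part of the thread: a shell script for the cleanup the replies above describe. It refuses to run as root, lists Windows (PE) executables that ended up outside the prefix, scans the home directory with ClamAV's PUA detection switched on, and then tells you to delete the prefix. It assumes the default prefix `~/.wine` unless `WINEPREFIX` is set; the function names are made up for this example.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes the default prefix ~/.wine
# unless WINEPREFIX is set; file names containing newlines are not handled.

# True if $1 is a PE image: "MZ" magic, and the little-endian e_lfanew
# field at offset 0x3c (60) points at the "PE\0\0" signature.
is_pe() {
    pe_file=$1
    [ "$(od -An -tx1 -N2 "$pe_file" 2>/dev/null | tr -d ' \n')" = "4d5a" ] || return 1
    set -- $(od -An -tu1 -j60 -N4 "$pe_file" 2>/dev/null)
    [ "$#" -eq 4 ] || return 1
    pe_off=$(( $1 + $2 * 256 + $3 * 65536 + $4 * 16777216 ))
    [ "$(od -An -tx1 -j"$pe_off" -N4 "$pe_file" 2>/dev/null | tr -d ' \n')" = "50450000" ]
}

# Print every PE file under directory $1 that lies outside prefix $2.
# Programs under Wine run with the user's own permissions, so copies can
# be left anywhere the user can write, not only inside the prefix.
pe_outside_prefix() {
    find "$1" -path "$2" -prune -o -type f -print 2>/dev/null |
    while IFS= read -r pe_candidate; do
        if is_pe "$pe_candidate"; then printf '%s\n' "$pe_candidate"; fi
    done
}

# Constructed sample: the smallest header is_pe accepts (not a real program).
make_sample_pe() {
    { printf 'MZ'; head -c 58 /dev/zero; printf '\100\000\000\000PE\000\000'; } > "$1"
}

main() {
    if [ "$(id -u)" -eq 0 ]; then
        echo "refusing to run as root; use the account that ran Wine" >&2
        return 1
    fi
    prefix=${WINEPREFIX:-$HOME/.wine}
    echo "Windows executables outside $prefix (review before deleting):"
    pe_outside_prefix "$HOME" "$prefix"
    if command -v clamscan >/dev/null 2>&1; then
        clamscan -r --infected --detect-pua=yes "$HOME"
    else
        echo "clamscan not found; install ClamAV to scan $HOME" >&2
    fi
    echo "When the results are reviewed, delete the prefix: rm -rf -- \"$prefix\""
}

if [ "${1:-}" = "--run" ]; then main; fi
```

Run it with `--run` as the ordinary user that used Wine; without that argument it only defines the functions.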