WineHQ
Wine Forums

Board index » WineHQ » Wine Help




 Page 1 of 1 [ 8 posts ] 



 
Author Message
 Post Posted: Sat Sep 24, 2011 10:06 am 
Offline
Level 1
Level 1

Joined: Mon Aug 15, 2011 1:44 pm
Posts: 7
Location: ca
Like the title says, I have a very nasty virus on wine. I swear I've also encountered this same one (A few months ago) on a seperate vista machine. I Have a virus that does not seem to be doing anything, and stopped working after an 'X' reboot. However, It did try to execute a modified version of winlogo.exe (Windows logon executable), but we all know you can't log onto a Linux system with Wine.

So ever since it went doormat, The ONLY issue i've been having is with BitTorrent (And that is not much of an issue since I now use a different torrent manager), it just lags a lot, and takes forever to process a single click into the application.

I can run much more complicated applications on wine, such as Spore, a windows game including GLSL rendering, and I'm surprised a game like this runs under a virus without an issue. (It's awesome! :D)

I'm just asking if I should be worried about this. I also want to remove anyways, and is there a way I can protect my wine from malicious software before things like this happen?

Thanks.


Top 
 Post Posted: Sat Sep 24, 2011 10:49 am 
 
On Sat, Sep 24, 2011 at 11:06 AM, wacossusca34
<wineforum-user@winehq.org> wrote:
Quote:
Like the title says, I have a very nasty virus on wine. I swear I've also encountered this same one (A few months ago) on a seperate vista machine. I Have a virus that does not seem to be doing anything, and stopped working after an 'X' reboot. However, It did try to execute a modified version of winlogo.exe (Windows logon executable),  but we all know you can't log onto a Linux system with Wine.

So ever since it went doormat, The ONLY issue i've been having is with BitTorrent (And that is not much of an issue since I now use a different torrent manager), it just lags a lot, and takes forever to process a single click into the application.

I can run much more complicated applications on wine, such as Spore, a windows game including GLSL rendering, and I'm surprised a game like this runs under a virus without an issue. (It's awesome! :D)

I'm just asking if I should be worried about this. I also want to remove anyways, and is there a way I can protect my wine from malicious software before things like this happen?

Thanks.

1. Delete your wine prefix
2. Do not run anything under wine using root, su or sudo
3. Install clamav in linux - this will protect against windows viruses
but not malware.
4. Use a linux native bittorrent client. There are many good ones.


John M. Drescher


Top 
 Post Posted: Sat Sep 24, 2011 10:52 am 
Offline
Moderator
Moderator
User avatar

Joined: Tue Mar 25, 2008 10:30 pm
Posts: 12127
wacossusca34 wrote:
I'm just asking if I should be worried about this. I also want to remove anyways, and is there a way I can protect my wine from malicious software before things like this happen?

http://wiki.winehq.org/FAQ#head-3cb8f05 ... 4e305a0459

Delete the wineprefix and run a virus scan on your home directory. And in the future, be more careful.


Top 
 Post subject:
 Post Posted: Sat Sep 24, 2011 1:16 pm 
Offline
Level 3
Level 3

Joined: Tue Aug 02, 2011 1:12 am
Posts: 62
Quote:
4. Use a linux native bittorrent client. There are many good ones.


I personally think that's going to be the biggest thing here.


Top 
 Post subject:
 Post Posted: Sat Sep 24, 2011 2:26 pm 
Offline
Level 1
Level 1

Joined: Mon Aug 15, 2011 1:44 pm
Posts: 7
Location: ca
I have to run under root, Puppy Linux by default logs into root.

Thanks for your input guys!


Top 
 Post subject:
 Post Posted: Sat Sep 24, 2011 2:32 pm 
Offline
Level 5
Level 5
User avatar

Joined: Sun Feb 06, 2011 5:57 am
Posts: 272
Bend it to your will! It logging in as root is bad! Make a on-root account, and log into that, and never as root. Use sudo or su or gksudo or whatever when you need elevated rights. It logging in as root by default could have something to do with this virus.

Get Well Soon,
Jake


Top 
 Post subject:
 Post Posted: Sun Sep 25, 2011 3:47 am 
Offline
Newbie
Newbie

Joined: Thu Sep 22, 2011 3:58 am
Posts: 2
And you'd better check your pc with several antiviruses. Some of them may not find the virus.


Top 
 Post subject:
 Post Posted: Sun Sep 25, 2011 8:46 pm 
Offline
Level 8
Level 8

Joined: Fri Feb 29, 2008 2:54 am
Posts: 1020
There is the universal window virus sledhammer. Clamav can be altered to be paranoid. Its a exe dll or contain any macros delete can be set to be marked as a virus and deleted by creating virus signatures to this effect.

Since exe and dll are not Linux binary you can set it to paranoid and not blow you feet completely out from out of you.

On windows running clamav paranoid will kill you since it basically deletes everything that is windows.

Islevi this is Linux there are far more effective ways to getting rid of the problem. Scorched earth policy. Check the system core against the packages it was installed from. Check the configuration files to rule out tampering.

Basically scorch earth all MS windows releated parts from the Linux system.

http://www.clamav.net/lang/en/faq/pua/ scripts from here is also possible.

Mind you scorched earth policy also applies to Linux Servers that are infected as well. Anything that cannot be confirmed as clean is removed.

This is why kernel.org is taking so long to bring back on line. The Linux world nature is do not mess around with virus or malware we want them dead and gone.

Lot of cases Linux differences to windows that effect wine do slow down virus spreed in wine.

For those running as root. The worse case I have seen giving support was to a person running wine as root. The windows virus could not tell the difference between a PE file and a ELF file thought both were executables so infected the lot yes the ELF files patched completely incorrectly so rendered non operating. Result vmlinux yes the boot image of Linux was virus damaged so Linux would not boot at all same with every other Linux executable and script. Clean install was the only option.

Basically you are bonkers running Wine as root you are playing Russian rollete with your system.

wacossusca34 user separation is an option. clamav runtime scanning or other runtime scanning where wine is. Please note this is not perfect some viruses will slip threw.

Finally don't do internet access to toxic locations like bittorrent providing non legal content. Legal provides of torrents I have never ever see a virus come from one of those sources. So you must be playing somewhere that you should not be.

I don't mean to be mean there is a lot of legal above board ways to get content or at least in away that has low risk.

One low risk way is downloading video clip from youtube and using vlc to cut the audio off into a mp3 file. Not like youtube is going to tolerate viruses. Basically start thinking of other locations you could get what you are getting bittorrent stuff from. Of course this depend on country if doing this is 100 percent legal.

Better slightly illegal and away from virus pricks than slightly illegal hanging out with virus pricks. Really I don't feel sorry for you wacossusca34 its basically if you lay down with dogs expect to get up with fleas.

Best thing you can do wacossusca34 is associate with a better crowd because to be infected the way you were you are most likely hang out with the wrong crowd.


Top 
Display posts from previous:  Sort by  
 
 Page 1 of 1 [ 8 posts ] 




Board index » WineHQ » Wine Help


Who is online

Users browsing this forum: Google [Bot] and 10 guests

 
 

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to: