Clamav

[Michael Miles]

On 04/18/2010 02:28 PM, Craig White wrote:
> On Sun, 2010-04-18 at 13:58 -0700, jdow wrote:
>
>    
>>> I think that it is a must to have protection on your machines
>>> considering I am looking at a machine that was supposed to be bullet
>>> proof, and proved to be infectable with windows crap through wine. If
>>> you are running wine without protection then you are taking a chance.
>>> I am not sure how it happened but it did.
>>>
>>>
>>> The Virus even went to work renaming core files from the xp install
>>>        
>> To be fair we've not determined exactly whether the files are something
>> wine installed rather than a virus. If wine has not been used much,
>> particularly for browsing or email, then I'd suspect "rpm -qf" on those
>> files would show that they are part of wine.
>>      
> ----
> not possible because 'drive_c' is actually created when you execute wine
> for the first time (or subsequent user creation) and thus...
>
> $ rpm -qf /home/craig/.wine/drive_c/windows/twain_32.dll
> file /home/craig/.wine/drive_c/windows/twain_32.dll is not owned by any
> package
>
> is the only answer that one could ever have.
>
> Seems as though it must have something to do with something that he
> did/has on his Windows files/network or as I really suspect, a false
> alarm and alterations caused by some anti-virus program and this is all
> just mental masturbation of the kind that seems peculiarly unique to
> Windows.
>
> Craig
>
>
>    
Has been nuked
Got rid of wine all together
Virtualbox as well.
If I am going to run windows products I will do it in it's own PC and 
that's that.


Too bad I really liked virtualbox

Re ran scans with Avira , Bitdefender for unices and Clamav

All clear for now

Thank you all for your input and I hope these machines stay clear