Malwarebytes on wine1.4


0x0B0B

I am using Malwarebytes Anti-Malware 1.75.0.1300 on a new wine1.4 installation on Ubuntu, and repeatedly find the following 3 files detected:
c:\program files\foxitreader\bin\com7.exe (Trojan.Agent) -> No action taken.
c:\users\bob\local settings\temp\rar$ex7.src777\com7.exe (Trojan.Agent) -> No action taken.
c:\users\public\local settings\temp\rar$ex7.src777\com7.exe (Trojan.Agent) -> No action taken.
They still appear in the report after rebooting and running again.
- yet I cannot find them on the system (looking in Ubuntu and Wine):
sudo find / -name com7.exe -exec ls -la {} \;
sudo find / -name foxitreader -exec ls -la {} \;
find nothing.
Anyone else get this?


  • Staff

Hi,

 

This is a ghost detection rather than a false positive, where some additional program interferes with Malwarebytes' enumeration and causes misdetections.

What other apps do you have installed there? (security apps). Anything that uses a blocklist/whitelist of certain applications?

 

Edited to add.. also Com7 is a reserved filename in Windows, so you basically cannot create a file with that name (in normal circumstances) - so I wonder if Wine acts differently here on reserved filenames and causes this "mbam misread".

I rather believe this is the case here, so I'll look into this further to bypass.

Edited by miekiemoes
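
A triage helper for the situation described in the reply above, added here as an example and not code from Malwarebytes or either poster: it parses report lines in the format quoted in the first post and flags any path component that is a Windows reserved device name (CON, PRN, AUX, NUL, COM1-9, LPT1-9, with or without an extension), which marks a detection worth verifying on disk. The function names and the last sample line are constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Device names Windows reserves (Microsoft file-naming documentation).
RESERVED = {"CON", "PRN", "AUX", "NUL",
            *(f"COM{i}" for i in range(1, 10)),
            *(f"LPT{i}" for i in range(1, 10))}

# Report line shape as quoted in the first post: "<path> (<detection>) -> <action>"
LINE_RE = re.compile(r"^(?P<path>.+?) \((?P<name>[^()]+)\) -> (?P<action>.+)$")

def reserved_component(path):
    """Return the first path component that maps to a reserved device name, else None."""
    p = PureWindowsPath(path)
    for part in p.parts:
        if part == p.anchor:  # skip the drive/root, e.g. "c:\"
            continue
        # Trailing dots/spaces are ignored, as is everything after the first dot.
        stem = part.rstrip(". ").split(".", 1)[0].rstrip(" ").upper()
        if stem in RESERVED:
            return part
    return None

def triage(report):
    """Turn report text into (path, detection, reserved_component) tuples."""
    out = []
    for line in report.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            out.append((m["path"], m["name"], reserved_component(m["path"])))
    return out

# First three lines are from the report in the first post; the last is a constructed control.
SAMPLE = r"""c:\program files\foxitreader\bin\com7.exe (Trojan.Agent) -> No action taken.
c:\users\bob\local settings\temp\rar$ex7.src777\com7.exe (Trojan.Agent) -> No action taken.
c:\users\public\local settings\temp\rar$ex7.src777\com7.exe (Trojan.Agent) -> No action taken.
c:\users\bob\downloads\setup.exe (Constructed.Sample) -> No action taken."""

if __name__ == "__main__":
    for path, name, hit in triage(SAMPLE):
        note = (f"reserved device name '{hit}': confirm the file exists on disk"
                if hit else "ordinary filename")
        print(f"{name:20} {path}\n    -> {note}")
```
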