https://bugs.winehq.org/show_bug.cgi?id=42793
--- Comment #9 from muh emadi taj mohammad1emadi1taj@gmail.com --- (In reply to Bruno Jesus from comment #7)
... type : wine /root/Desktop//../kportscan.exe(app location)
If you are running wine as root and specially using this sort of tool you are doing it wrong. This tool can be downloaded mostly from hacking forums and it could have been changed to add malware/trojan, please never run wine as root.
thanks for you're advise i check every tool before running (not at virustotal.com because RATs(torjan)s can easily become nud and not detected by simple crypting ( i and anyone else use a cryptor to crypt our torjan when we want to give it to client so it wont be detected by anti viruses at least for a month (in a month some people scan in online sites like virustotal and when you scan in that kind of site a report will be given to anti-virus campany to check the file when it's scanned afew times and they will detect it easily )
i run any tool in a virtual machine and check the tcp connections from out of the machine and see if there is a rat or not(if you check inside the machine some tools can't be detected like rootkits that hide their proccess and connection but in out of the machine everything will be detected even rootkits ) i recommend you to this too ( notice that some malwares don't run when running inside a virtual machine (they check and see if any app related to virtualization is installed like vmware_tools or ...) so don't install thoese tools (100% security never exists )
again thanks for your advice and help