https://bugs.winehq.org/show_bug.cgi?id=48418
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |focht@gmx.net Summary|Resources seems contains |Norton Security Scan flags |Heur.AdvML.B infection |binaries from Wine 5.0-rcX | |macOS package as Virus | |(Heur.AdvML.B)
--- Comment #3 from Anastasius Focht focht@gmx.net --- Hello folks,
for completeness I've checked macOS package as well using online virus scan service.
https://dl.winehq.org/wine-builds/macosx/download.html
https://dl.winehq.org/wine-builds/macosx/pool/winehq-devel-5.0-rc4.pkg
--- snip --- $ sha1sum winehq-devel-5.0-rc4.pkg 1abaaef7539226f19476ec70dad8741c26b3dbc2 winehq-devel-5.0-rc4.pkg
$ du -sh winehq-devel-5.0-rc4.pkg 276M winehq-devel-5.0-rc4.pkg
$ mkdir -p winehq-devel-5.0-rc4 && cd $_
$ xar -xf ../winehq-devel-5.0-rc4.pkg
$ ll total 28 -rw-r--r--. 1 focht focht 2994 Jan 4 01:07 Distribution drwxr-xr-x. 3 focht focht 4096 Jan 5 15:07 org.winehq.wine-devel32.pkg drwxr-xr-x. 3 focht focht 4096 Jan 5 15:08 org.winehq.wine-devel64.pkg drwxr-xr-x. 2 focht focht 4096 Jan 5 15:06 org.winehq.wine-devel-deps64.pkg drwxr-xr-x. 2 focht focht 4096 Jan 5 15:06 org.winehq.wine-devel-deps.pkg drwxr-xr-x. 3 focht focht 4096 Jan 5 15:10 org.winehq.wine-devel.pkg drwxr-xr-x. 2 focht focht 4096 Jan 5 15:06 Resources --- snip ---
Unpacking resources:
--- snip --- $ cd org.winehq.wine-devel.pkg/
$ cat Payload | gunzip -dc |cpio -i 735228 blocks --- snip ---
Selecting one 32-bit binary and upload to https://www.virustotal.com
--- snip --- $ file Contents/Resources/wine/lib/wine/write.exe Contents/Resources/wine/lib/wine/write.exe: PE32 executable (GUI) Intel 80386, for MS Windows --- snip ---
https://www.virustotal.com/gui/file/563b2c6ca56b32648135e3fc0b6069869f873c4b...
It seems multiple engines (10/68) detect Wine binaries built with GNU C99 6.2.1 20161118 mingw-w64 as virus.
Result with same binary built on my Fedora Linux host with Fedora MinGW 7.3.0-1.fc28:
https://www.virustotal.com/gui/file/b3144183ff160795e5d01bb870a6cf49eac24f99...
-> 3/70 detected.
Regards