Description: Winver.exe is not essential for the Windows OS and causes relatively few problems. Winver.exe is located in a subfolder of “C:\ProgramData”—primarily *C:\ProgramData\Microsoft\Windows\Deep Layers*. The file size on Windows 10/11/7 is 6,786,560 bytes.
Winver.exe is not a Windows core file. The program starts when Windows starts (see Registry key: Run). The program has no visible window. Winver.exe is able to record keyboard and mouse inputs and monitor applications. Therefore the technical security rating is 70% dangerous.
winver.exe is not a file generated by wine. That’s a file provided by the vendor of whatever software you are running with the help of wine.
I also have “clamscan -r --bell -i /” and it found so far:
/home/akhkharu/.local/share/lutris/runners/wine/wine-ge-8-25-x86_64/lib/wine/i386-windows/winver.exe: Win.Malware.Ulise-10018340-0 FOUND
/home/akhkharu/.local/share/lutris/runners/wine/wine-ge-8-25-x86_64/lib64/wine/x86_64-windows/winver.exe: Win.Malware.Ulise-10018340-0 FOUND
/home/akhkharu/.local/share/lutris/runners/wine/lutris-GE-Proton8-15-x86_64/lib/wine/i386-windows/winver.exe: Win.Malware.Ulise-10018340-0 FOUND
/home/akhkharu/.local/share/lutris/runners/wine/lutris-GE-Proton8-15-x86_64/lib64/wine/x86_64-windows/winver.exe: Win.Malware.Ulise-10018340-0 FOUND
So maybe it is some lutris thing as I lauch all windows programs through it.
The best solution IMHO is to remove ClamAV. I am not joking. If the websites you visit or the Windows software so notorious, you really shouldn’t do so. That’s like having sex with a lady of the night. Protected or not, her pimp is still gonna beat and rob you.
After few definitions update it is still detected as virus. To be safe I deleted all instances of this file. Also scanned computer with few antimalware programs from pacman and they didn’t detect anything important.
I write here because I thought I will get response from someone also using lutris/wine and clamav with similar experience… but I guess either noone use clamav or I really did get some virus from somewhere.
I may not be complete linux newbie but I am newbie to gaming on linux so I follow few tutorials from youtube to set up things so maybe I did not payed enough attention and wget some wired stuff.
I’ll do a quick scan when I download something from a source I don’t trust, just for a little piece of mind. I don’t run the full-blown service or anything, I just do occasional one-off scans like this:
sudo clamscan -riv /thing/to/scan
Occasionally a false positive will come through, but usually a quick web search will turn up other folks reporting the same scan as a false positive, explaining why it was flagged in the scan, and so on. If you don’t find something like that, I would be hesitant to trust that file.
There are more robust AV tools on Windows, but not free ones. The good ones are typically expensive, and tend to be bloated and resource intensive. The free ones may do some legitimate scanning, but all of them are blatantly spyware and/or adware.
Aside from ClamAV itself, which can be used on Windows, there is no free tool on Windows which is as effective and efficient as ClamAV.
One of these days an antivirus may be required when using Linux, I just don’t feel that day is quite here yet. IMO if you don’t run Windows, then there’s very little need to have an antivirus installed when using Linux.
Back in the days when I still used Windows (and Linux) I would scan my Windows drives from within Linux using clamscan. To me that is one of the few worthwhile reasons for using an AV with Linux. If you use Windows, or are on a network with Windows machines, or share files with Windows users, then scanning the files from within Linux is a good preventative measure to be sure you’re not responsible for spreading Windows viri.
Scanning from outside of Windows is a good precaution to take, because advanced Windows viri can surreptiously disable your Windows AV and get away with all manner of nastiness without the Windows user even knowing. After I quit using Windows completely, I realized I no longer had a legitimate need for running an AV with Linux.
Although I found a ton of viri using clamscan, none were ever actually a virus that could cause a problem with Linux. Clamscan reported lots of infected files on Linux drives, but every one was a false positive. The whole time using an AV on Linux, I never actually found one legitimate concern. After I quit using Windows, I realized I was simply wasting time and effort scanning my files and chasing down false positives.
The day may arrive when AV is required in Linux, I just don’t feel that time is quite on us yet. As always YMMV, and always use a prophylactic if regularly engaged in risky activities.