Dear POL/POM developers,
I installed MalwareBytes into a POL prefix in order to check an installer for viruses. It didn't find any malware in the file but it found malware in the system directories of the Wine prefix used.
The threats found are:
Trojan.Agent, C:\windows\system32\dmusic32.dll, , [256a3140e1a9ec4a10d50e5116ee37c9],
Backdoor.Bot, C:\windows\system32\iexplore.exe, , [fa957100e1a973c3d27281e2d92b3cc4],
Trojan.Patched, C:\windows\system32\ksuser.dll, , [b0df01706c1e46f0cd4e174d53b17888],
Trojan.Agent, C:\windows\rundll.exe, , [3b545d145e2c96a078b887f3b64e857b],
Trojan.Tracur, C:\windows\system32\winnls32.dll, , [8b043140602a5adc7a97d3dcc83cb34d],
Broken.OpenCommand, HKCR\batfile\shell\open\command, ,[ffffffffffffffffffffffffffffffff], %5
Broken.OpenCommand, HKCR\comfile\shell\open\command, ,[ffffffffffffffffffffffffffffffff], %5
Broken.OpenCommand, HKCR\piffile\shell\open\command, [ffffffffffffffffffffffffffffffff], %5
Broken.OpenCommand, HKCR\scrfile\shell\open\command, [ffffffffffffffffffffffffffffffff], %5
Broken.OpenCommand, HKCR\regfile\shell\open\command, [ffffffffffffffffffffffffffffffff], %5
And all of this happened in a new prefix. If anybody has/had a similar problem, then it should be reported to POL, WineHQ, etc.