An exe file that I want to run on linux made for windows comes up as a Trojan on VirusTotal - how would I run it without it affecting my system?
Is there any way that I can run this program on my Linux system without possibly getting a virus?
Solution 1:
You would need to run it in an isolated test system, such as a VM and investigate what it does.
What exactly is it ?
It is hard to believe you "need" to run an infected .exe.
It is possible you have a false positive as well (depending on how you detected the virus and what, if any, investigation you have done).
Solution 2:
Be aware please that even tough this will work probably fine, running a virus inside any live system is never a good idea, even if you are sure that you can revert / eliminate the effects of the virus. For a safer approach the answer from bodhi.zazen is recommended. This is the safest steps to run something that is not really safe.
Any program running inside a wine prefix has only access to the virtual bottle in that .wine prefix folder in your home and nothing else. They are closed inside that bottle.
That said it is also true that a default created bottle also creates standard links in to your home folder and root file system, you need to make sure that those are deleted before running the executable. Some pesky trojans will scan drivers for executable or other specific file type and try to infect those.
A better option is to create a new bottle and thus isolating it from your normal bottle, for that you need to run the .exe file on a separate prefix, do that by following this example:
export WINEPREFIX=~/wine_possible_trojan
wine winecfg
At this point look for the mounted points created for the bottle, they should be on the drives tab, remove any letters that are not c:\
, that will prevent the trojan of fiddling with any files inside your home or the root file system:
After removing the drivers from the bottle you can run the executable using the bottle you just created with using something like
WINEPREFIX=~/wine_possible_trojan wine path_to_exefile.exe
After that deleting ~/wine_possible_trojan
will delete the bottle from your system eliminating the modifications done by the trojan inside that bottle.
If you are unsure you can also install a virus scanner in your Linux system and run that after )and maybe before to see if it picks anything up) deleting the .wine
prefix. Have a look at this post for options available:
- Available anti-virus for Ubuntu 11.10
The other option would be, as bodhi.zazen said, to install VirtualBox from the Ubuntu Software Center, install Ubuntu or Windows (if available) in to a new virtual system in VirtualBox and run the .exe inside that virtual system.
For more information about VirtualBox please visit the Wikipedia page, the official VirtualBox page and have a look at How to install VirtualBox in AskUbuntu.com.
I can see from the AV scan report you added to the comments that only 1 engine picked it up out of all of those on the list, I would say false positive.