"Dan Kegel" <[EMAIL PROTECTED]> wrote:
http://hiweed.com/node/798 offers "hiweedlayer" for download. It is supposedly a Windows layer like Wine. Running strings on their single executable, I see messages like %s is being traced! location has changed! abnormal behavior! shell has changed! %s has expired! Please contact your provider which look like they're from this little bit of malware: http://forums.fedoraforum.org/archive/index.php/t-25441.html but perhaps they're just trying to keep people from reverse-engineering their code (or finding out that they have Wine code inside?).
Exactly. Remove everything up to class.tgz.BEGIN in hiweedlayer and untar it somewhere, what we see (reminds me something): share/ dosdevices/ lib/ bin/ drive_c/ user.reg system.reg my.reg and inside of lib\ wine\ (with all Wine dll.so files) libwine.so.1 libwine.so.1.0 -- Dmitry.
