Wireshark mailing list archives
Re: Trojans associate with Wireshark, WinPCap, etc
From: Pascal Quantin <pascal.quantin () gmail com>
Date: Sun, 1 Nov 2015 18:12:39 +0100
2015-11-01 17:58 GMT+01:00 <gedropi () allmail net>:
After discovering the attached trojans during a scan on the 30th, I removed infected files, scrubbed the registry, repeated the scan. Nada. Then, I needed to replace the networking tools by downloading fresh copies of the removed, infected exe files. Upon downloading various tools from their respective websites, I repeated the virus scan to be sure. All newly downloaded exe files were again infected with the same trojans. Since all the Wireshark & WinPCap files were affected, I was wondering if any of you out there have had the same experience? I hope that someone can help me brainstorm for a fix. I need to use the tools of the trade. Thanks for any ideas.
Hi,

Are you using ClamAV by any chance? As reported by Gerald Combs (Wireshark's leader) on the development list (https://www.wireshark.org/lists/wireshark-dev/201510/msg00125.html), this seems to be a false positive reported to clamav.net.

Best regards,
Pascal.