|
We have received several emails regarding Wireshark ( the new version of Ethereal) being detected as infected with trojan.zlob. After investigation it appears that this is a false positive with Symantec AV def's that are currently in use and that it is actually the NSIS (Nullsoft Installer) that is triggering the alert.
NSIS Installers Nullsoft Installer (NSIS) is an open source program that is used by many companies including WINAMP, WireShark and probably others to create low cost installers. Apparently this is not the first time that Symantec has had a false positive on the NSIS installer. WinAmp Advisory |
Deborah 279 Posts ISC Handler Jul 4th 2006 |
| Thread locked Subscribe |
Jul 4th 2006 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
