We have received several emails regarding Wireshark ( the new version of Ethereal) being detected as infected with trojan.zlob. After investigation it appears that this is a false positive with Symantec AV def's that are currently in use and that it is actually the NSIS (Nullsoft Installer) that is triggering the alert.
Nullsoft Installer (NSIS) is an open source program that is used by many companies including WINAMP, WireShark and probably others to create low cost installers. Apparently this is not the first time that Symantec has had a false positive on the NSIS installer.
Jul 4th 2006
1 decade ago