
WiresharkPortable 3.4.0 suspected of malware?

asked 2020-11-19 16:22:50 +0000

REP

FYI folks... I pulled down WiresharkPortable_3.4.0.paf.exe yesterday for some troubleshooting chores. The download was flagged by my corporate security team for a virus signature, {Virus/Win32.WGeneric.arybve(383238846)}. I didn't notice any issues, but corporate IT removed it from both my laptop and the server I was using it on. Just wanted to let the team know.


Comments

Likely to be another annoying false positive, care to name the AV program?

What does VirusTotal say?

grahamb ( 2020-11-19 16:44:33 +0000 )

Detection came from Palo Alto Firewalls – Virus/Spyware signature rules.

REP ( 2020-11-20 20:25:39 +0000 )

1 Answer


answered 2020-11-19 16:49:49 +0000

grahamb

VirusTotal reports all clean bar one engine (Jiangmin ??), so, as I suggested, likely a false positive.

Not sure if that will be enough to allow the release of the heavy boots of your corporate IT security though.


Comments

If it helps, false positives happen often enough that we maintain a list of them.

Gerald Combs ( 2020-11-20 21:40:14 +0000 )


Stats

Asked: 2020-11-19 16:22:50 +0000

Seen: 198 times

Last updated: Nov 19 '20