Ask Your Question

F-Prot says Wireshark-win64-3.0.1 is containing malware

asked 2019-05-13 10:37:46 +0000

Triangles gravatar image

updated 2019-05-14 05:47:21 +0000

Jaap gravatar image

Hi, We have discovered with one of the antivirus tool that there is a suspect of having a malware in Wireshark-win64-3.0.1 release. File "Wireshark-win64-3.0.1.exe" is scanned and antivirus detected Malware: W32/Trojan2.PZJB in it. The checksums are as: md5 - 8a06061bb19d8fae7a2536ee84796d7a sha1 - 2e51ae89f86d8b3dedde94564a2f0fcdc4298789 sha256 - 80e9bdfcb3bfb3800c202efcdfbb286a2b89d0bf2b8d94f2727d117b0013c821

Do you have any chance to dig this any deeper whether it is false positive or not?

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2019-05-13 11:32:11 +0000

SYN-bit gravatar image

A check on virustotal does not indicate any problems, which antivirus tool is reporting the malware?

You might want to report this to your antivirus vendor as a false positive.

edit flag offensive delete link more


F-Prot did that detection. We also checked virustotal and it doesn't indicate anything. Also some other AV's don't give the alarm.

Triangles gravatar imageTriangles ( 2019-05-13 11:36:40 +0000 )edit

As none of the other AV products seem to indicate the presence of malware, I would assume this is a false positive and contact F-prot about it.

SYN-bit gravatar imageSYN-bit ( 2019-05-13 13:33:37 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools


Asked: 2019-05-13 10:37:46 +0000

Seen: 160 times

Last updated: May 14 '19