
WiresharkPortable 3.4.0 suspected of malware?

FYI folks... I pulled down WiresharkPortable_3.4.0.paf.exe yesterday for some troubleshooting chores. The download was flagged by my corporate security team for a virus signature, {Virus/Win32.WGeneric.arybve(383238846)}. I didn't notice any issues, but corporate IT removed it from both my laptop and the server I was using it on. Just wanted to let the team know.

REP
asked 2020-11-19 16:22:50 +0000

Comments

Likely to be another annoying false positive, care to name the AV program?

What does VirusTotal say?

grahamb (2020-11-19 16:44:33 +0000)

Detection came from Palo Alto Firewalls – Virus/Spyware signature rules.

REP (2020-11-20 20:25:39 +0000)

1 Answer


VirusTotal reports all clean bar one engine (Jiangmin ??), so as I suggested likely a false positive.

Not sure if that will be enough to allow the release of the heavy boots of your corporate IT security though.

grahamb
answered 2020-11-19 16:49:49 +0000

Comments

If it helps, false positives happen often enough that we maintain a list of them.

Gerald Combs (2020-11-20 21:40:14 +0000)