Wireshark-users: Re: [Wireshark-users] Symantec AV false positive?
From: Jeff Morriss <jeff.morriss@xxxxxxxxxxx>
Date: Tue, 04 Jul 2006 09:31:43 +0800


Danielson, Graeme wrote:
This morning my Symantec AV decided to delete the Wireshark
uninstall.exe as it thinks it is infected with "Trojan.Zlob"
Then the same thing happened against the wireshark-setup exe when I
downloaded it again.

At the moment I'm presuming it's a false positive against the SAV virus
definition file I have dated 2-Jul.  Has anyone else hit something like
this in the last few days?

Yep:

http://www.wireshark.org/lists/wireshark-users/200607/msg00005.html
http://www.wireshark.org/lists/wireshark-users/200607/msg00006.html
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=982