Symantec Antivirus False Positive
July 4, 2006
Several users have reported that Symantec AntiVirus products have detected a trojan in the Wireshark 0.99.1pre1 Windows installer.
We haven't found any trace of the trojan (Trojan.Zlob) on our build system, and Symantec Security Response has been unable to duplicate the issue. They recommend that everyone updates their virus definitions. Symantec's response is included below:
We are writing in relation to your submission through Symantec's on-line Security Risk Dispute Submission form in relation to your WireShark
software version 0.99.1pre1 being detected by Symantec's software as a Trojan.Zlob. On receiving the additional information requested we once again went back and analysed the software with Symantecs latest definitions and found no detection of your WireShark software as a Trojan.Zlob. Can we please ask your customers to update their Symantec product to the latest definitions and see if they are still getting a Security Risk message in relation to your software.
.
If this dispute is no longer valid please respond to this email and we will close off the dispute.
.
Please respond to this email within 14 days with all questions or requests above answered. Failure to respond to this email within 14 days will deem the Security Risk Dispute submission to be no longer valid and initiate a closure procedure. Once closed a new submission for the same issue can be opened up to two times. Each new submission is subject to the time frame for response of a further four weeks from the submission date
.
Sincerely,
.
Symantec Security Response
.
If this dispute is no longer valid please respond to this email and we will close off the dispute.
.
Please respond to this email within 14 days with all questions or requests above answered. Failure to respond to this email within 14 days will deem the Security Risk Dispute submission to be no longer valid and initiate a closure procedure. Once closed a new submission for the same issue can be opened up to two times. Each new submission is subject to the time frame for response of a further four weeks from the submission date
.
Sincerely,
.
Symantec Security Response
Go Beyond with Riverbed Technology
I have a lot of traffic...
ANSWER: SteelCentral™ AppResponse 11
- • Full stack analysis – from packets to pages
- • Rich performance metrics & pre-defined insights for fast problem identification/resolution
- • Modular, flexible solution for deeply-analyzing network & application performance