This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

ZoneAlarm warning for 64-bit Windows installer

0

Dear sirs,

Zone alarm reports this file as a 'zombie'.

Regards

C Gilbert

asked 10 May '11, 08:41

SwissBob's gravatar image

SwissBob
1111
accept rate: 0%

edited 10 May '11, 15:13

Gerald%20Combs's gravatar image

Gerald Combs ♦♦
3.3k92258

Has ZoneAlarm updated itself since May 10? If so, is it still reporting a problem with the Wireshark installer?

(14 May '11, 11:03) Gerald Combs ♦♦

2 Answers:

0

This is a common false positive reported by ZoneAlarm users. The issue is most likely with ZoneAlarm, not the Wireshark installer.

answered 10 May '11, 09:19

bstn's gravatar image

bstn
3751415
accept rate: 14%

0

Can you provide a few more details? Specifically:

  • The exact error reported. Did ZoneAlarm trigger on the installer itself or one of the files contained in the installer?
  • The version of Wireshark.
  • The version of ZoneAlarm.
  • The version of ZoneAlarm's DAT file.

If possible can you submit the installer to ZoneAlarm for manual verification?

So far every antivirus warning we've encountered has been a false positive but I'd like to verify that this is the case here as well.

answered 10 May '11, 09:32

Gerald%20Combs's gravatar image

Gerald Combs ♦♦
3.3k92258
accept rate: 24%

edited 10 May '11, 11:11

First ZA Extreme Security 9.3.037.000 reports it cannot verify the file.

The advanced scan reports:

wireshark-win64-1.4.6 is malicious, secondly that "The file is zombie software that silently terminates itself etc etc, can execute malicious commands"

(10 May '11, 10:29) SwissBob