This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hello, I have made a virus/malware test ---> https://www.virustotal.com/de/file/72949ee020a9b21c7cff94b68920db883504ddbb442870496095471b20707feb/analysis/

And VirusTotal has found a (Trojan.Keylogger.Win32.46401). Does Wireshark really have a Trojan/KeyLogger?!!

asked 25 Dec '15, 16:09

EASYLAYER


No, only Zillya, as one out of fifty-three scanners used by VirusTotal, gives an indication of malware. Did you consider this could be a false positive? Isn't this precisely what you use VirusTotal for? To get a varied evaluation of the target to be able to avoid false positives/negatives? They even say it themselves: "Probably harmless! There are strong indicators suggesting that this file is safe to use." I expect their signature database will be updated eventually (it's at 20151215 now) and then you can try again to see what happens.

answered 26 Dec '15, 02:14

Jaap ♦

I agree with Jaap.

(28 Dec '15, 04:42) thetechfirm

Your answer has been converted to a comment as that's how this site works. Please read the FAQ for more information.

(28 Dec '15, 05:50) Jaap ♦
question asked: 25 Dec '15, 16:09

question was seen: 1,863 times

last updated: 28 Dec '15, 05:50
