We're now a non-profit! Support open source packet analysis by making a donation.

McAfee VirusScan False Positive

February 13, 2007

Since the release of Wireshark 0.99.5, several users that McAfee VirusScan detected adware (Adware-Softomate.dll) in the version of WinPcap that comes with the Wireshark installer. The WinPcap project has been receiving similar reports.

McAfee has confirmed that this is a false positive:

Thank you for submitting your suspicious file. Our Senior Virus Research Engineers have examined the file in question and no virus was found.

Solution -

Attached is an extra.dat with correct detection. This correction will be included in the next DAT update.

[ DAT file instructions deleted ]

Warm Regards,
[ Name witheld ]
Virus Researcher
McAfee Avert Labs - Bangalore