
I just ran a scan that told me that WinDump is malware. I got the program from a trusted site (http://www.winpcap.org/windump/, rated as excellent on WOT and also the providers of WinPCap, which is used for both white and black hat activities). WinPCap is primarily a packet capture tool for Windows; WinDump is a tool used to diagnose WinPCap and other wireless devices supported by it. WinDump is the Windows version of tcpdump, a Linux tool. Though the site doesn't directly say to put it in the System32 directory as I did, by placing it in the System32 directory I can easily use WinDump from the command line (it is a command-line tool).

My best guess as to why mbam detected it as a trojan is because it is by its nature a data capture tool and a malicious version of it could very well steal all sorts of sensitive information. Also, chances are that someone has packaged a virus that uses WinPCap or WinDump, just as people have used NSIS to package viruses even though NSIS is not a virus but instead just a highly efficient compression engine.

mbam_log_2011_02_01__10_49_11_.zip
