Gregory Norris Posted February 1, 2011 ID:382618

I just ran a scan that told me that WinDump is malware. I got the program from a trusted site (http://www.winpcap.org/windump/, rated as excellent on WOT, and also the providers of WinPCap, which is used for both white and black hat activities). WinPCap is primarily a packet capture tool for Windows; WinDump is a tool used to diagnose WinPCap and other wireless devices supported by it. WinDump is the Windows version of tcpdump, a Linux tool. Though the site doesn't directly say to put it in the System32 directory as I did, by placing it in the System32 directory I can easily use WinDump from the command line (it is a command line tool).

My best guess as to why mbam detected it as a trojan is because it is by its nature a data capture tool, and a malicious version of it could very well steal all sorts of sensitive information. Also, chances are that someone has packaged a virus that uses WinPCap or WinDump, just as people have used NSIS to package viruses even though NSIS is not a virus but instead just a highly efficient compression engine.

mbam_log_2011_02_01__10_49_11_.zip

shadowwar (Staff) Posted February 1, 2011 ID:382633

Can you please attach that file here?