Hi Vic, In short, yes.
Sounds like an overzealous AV vendor tagging the packet capture engine that happens to be included with the worm/virus/whatever as the virus itself. Fairly typical, though. This same sort of thing used to occur with the encryption plug-ins that people used to use with the good old BO2K. The AV vendors tagged the API calls as something of interest, and deemed everything that used or duplicated them as BO2K itself. Wiretapped carries the source and binaries for a couple of these in the specific algorithm areas of the cryptography part of our site, including for example a Blowfish plug-in. I still occasionally get people writing in asking if these things are viruses, despite clear readme files and even the source code being included in a single .zip file package. Grant Wiretapped On Mon, 17 May 2004, Vic Samarakoon - technet solutions Pty. Ltd. wrote: > I installed winpcap a few weeks back and AVG has apparently found the > Worm/Agobot.19.A0 > > It then healed the file - C:\WINDOWS\SYSTEM32\DRIVERS\NPF.SYS repaired > > Is this a case of mistaken identity? ================================================================== This is the WinPcap users list. It is archived at http://www.mail-archive.com/[EMAIL PROTECTED]/ To unsubscribe use mailto: [EMAIL PROTECTED] ==================================================================
