Infected by not-a-virus:Monitor.Win32.NetMon.b

Hi,

Today got infected by not-a-virus:Monitor.Win32.NetMon.b. ZASS detected it. However Avira did not detect it. I got very little information about this one on the Net including virus encyclopedia on virustotal. Can anyone tell me where to look for its type, potency, payload etc or if any of the AV suites has this definition?

Thanks in advance.
Avboy

 

this will be moved to the other-malware section.

 

Generally Google has everything .

Kaspersky's web site http://www.viruslist.com/en/viruses/encyclopedia?virusid=216882 has no information about this one but NetMon is in your case potentially unwanted program (not a threat but can be used even for evil purposes)

 

Where is the file located?

 

It has infected the executable of Bysoft Network Monitor.

 

Your exe is not infected. The name says it all "not-a-virus:Monitor.Win32.NetMon" is not a virus. It's just that it flagged netmon.exe as a potentially dangerous application that could be used for malicious activities. Other legit applications, like WinVNC, are also flagged by many antivirus becauase they can be used in a bad way.

If it's you that installed Bysoft Netwokr Monitor, then just tell you AV to thrust the application.

 

I suspect same but u need to be sure.

 

Thanks everyone for replying! Yes I installed it. Will not trust it yet till i know the possible danger. If you have time, can you tell me what exactly can it be used for (malicious activities)? And how? By opening other processes? Acting as a dialer? Any resource where I can read about it?

Thanks
Avboy

 

It may be used to remotely control your machine.

 

Really? I was under the impression it got flagged simply because it's a network sniffer.

 

+1...
With not-a-virus detections, it basically means that you should take caution with where it came from...

If you intentionally installed it and know where it came from and what its used for, then add it to exclusions and its alright.

If you didn't install it and do not know where it came from and how it got there; then remove it.

Simple

 

My bad I was thinking in a RAT. With a packet sniffer, it's possible to steal sensitive/personal information such as passwords, user IDs and any information which is transmited unencrypted.