Malware In Trafficmonitor Download

Not sure if this is the right place, but downloaded the 64 bit version of TrafficMonitor from MG yesterday and Webroot pinged it for malware in TrafficMonitor_V1.84.1_x64\TrafficMonitor\LibreHardwareMonitorLib.dll

 

Is this what you downloaded https://www.majorgeeks.com/files/details/trafficmonitor.html?
I downloaded the 32 bit, scanned it with MS Security Essentials and Malwarebytes Premium. Nothing was detected by either.
I then had Virus Total analyze the dll you said LibreHardwareMonitorLib.
Here are the results
https://www.virustotal.com/gui/file/bce0e5f032676fde9a4997a877328fa8326b877d4561dc660a214811710f70d9

2 out of 71 flagged something. I'd say you got a false positive and it is clean.

If you still have the 64 bit on your computer, go here https://www.virustotal.com/gui/home/upload
select choose file, find the file and see what results you get.

 

The homepage for it is Github so I HIGHLY doubt it is malicious.

Any software that monitors your network might be flagged as malicious just because of what it does. It's also a portable app so that's another reason it might get flagged.

 

Yes, that's the one. I considered it could be a false positive, but webroot stated a specific malware, although I didn't get a chance to copy it because my machine decided it needed to reboot at the same time. Looked like a windows update reboot, but didn't ask me to do it, so maybe something webroot does.

Anyway, a reboot, full scan with webroot and malware bytes and no issues, not that there should have been anyway as I hadn't even installed traffic monitor.

But, I get almost no false positives with webroot, it was very out of the ordinary for it to complain like that, hence my post.

 

You can upload it to Webroot and they should whitelist it. https://snup.webrootcloudav.com/SkyStoreFileUploader/upload.aspx

More info. https://answers.webroot.com/Webroot...vw=1&solutionid=312&t=False-positive-Consumer

 

Obviously I don't understand how windows installers work, opening that archive and extracting it, then looking inside the trafficmonitor.exe archive, I still can't find that dll, so I just submitted the whole zip for webroot to check.

 

It's not an installer. It's a portable app that runs when you double click it. That's possibly the reason Webroot is flagging it. Malware behaviour detections don't like software that runs directly from the .exe. That's how a lot of actual malware runs.

You just unzip the file and run the TrafficMonitor.exe directly from the folder. You should be able to whitelist it manually in Webroot.

FYI. I went ahead and uploaded both the 32 bit and 64 bit files to Webroot. No telling how long it will take them to analyze the files and get them whitelisted though. It could be hours or it could be days.

 

Ok, thanks, will check again and see what it says.

 

All good now by the look of it, thanks!