Jump to content

NCAT.EXE flagged by virus software


Recommended Posts

Our Symantec Enpoint Protection anti-virus software this week started to flag and quarrantine/delete the "C:\Program Files\Total Network Inventory\Nmap\ncat.exe" file.

 

If we are not using the NMap Engine for scanning and are instead using the Classic Scan engine, will anything in TNI be affected now that this ncat.exe file has been deleted by our anti-virus software?  Or should we look at adding an exception within Symantec Endpoint Protection for this file?

 

Link to comment

Hi Hemo2,

 

This file contains no viruses. It belongs to a third-party module and we can not change it. However, it is not used by the program and can be safely removed. Its absence does not affect TNI even if you would use the Nmap engine (only nmap.exe is used among all EXE files in the Nmap folder). It is there just for the sake of Nmap complete package.
 
Here are the results of the antivirus scan for this file. You can see that only Symantec detects something, while all other antiviruses don't detect anything. Even then, Symantec does not say that it is a virus, but a special category of something suspicious (NetCat). I would consider it a false positive (which sometimes happens) and add an exception if possible.
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...