I am new to the forums, and have a problem with CIS
the problem is that CIS is detecting rpcnet.exe rpcnet.dll rpcnetp.exe rpcnetp.dll all as a virus now I went to forums and such searching through comodo search and google all say that its part of an anti theft software from AbsoluteSoftware, and I tried everything to remove it but it keeps coming back then I read its embedded in the BIOS in some laptops and it can’t be removed…
I don’t know what to do about it but it’s rather annoying to have some software like this on my laptop…
I don’t know about that, cause everytime I reinstall windows it comes back! and I loked at AbsoluteSoftware site, and it is said that the their monitoring agent resides there until you activate their software by purchasing a license from them which I didn’t and I want those files out of my computer cause for the first time I used my laptop none of these files were present??
sooo… is AbsoluteSoftware really a company on anti theft software or is my computer just infected?
It is tracking software should your laptop ever be stolen. To remove it you will need Regedit, and remove any occurance of those files.
then clean your registry and reboot.
From there you should be able to delete the files from your HDD.
Well that is the problem with AbsoluteSoftware their Agent that sends all your info of your laptop to their monitoring servers, it resides in the BIOS and it overrides autochk.exe at windows boot altering the boot so it can run its own code and it keeps coming back formatting won’t work guess it is designed just that way so hackers have no way to remove it but I want it removed. it’s annoying for COMODO two files are from Absolute rpcnet.exe and rpcnet.dll but after I add those to exclusions comodo pops up and gives me the standard rpcnetp.dll and exe as virus those are from Windows itself…
1) Say, that is legitimate Software that you described here but you don’t want it on your PC.
You have to apply to the vendor and you have rights to know how to remove it (or at least disable) completely. But that is different story compare to detection itself.
2) You have flaggings by security Software (any).
It means only 2 things either that is a detection of the real bad thing or it is False Positive (FP)
With any security Software you have 2 choices: if you are absolutely sure that it’s FP either you Exclude that from scanning (place it into WhiteList) as John Buchanan suggested above or you should send files for analysis to the vendor which produced flaggings. If FP was confirmed that must be fixed with one of the subsequent updates.
The procedure is usually very similar for many security Software e.g.:
Sending from detection list or in some cases Software allows you to send from quarantine;
P.S. there could be cases when anyway you should use White List / Exclusion / Exception List, whatever it called.
file is flagged as Riskware, but we are using such Software for not malicious cause;
Traces in registry may be harmful and will reoccur any time after you use some legit Software. It does not make sense removing those.
Some Tools, which are used to fight malware, very often are flagged by many security Software(s). One of the reasons (amongst others) – those Utilities are using precisely the same code as malware is using… etc.
Although this software is from Absolute Software Corp. some anti-theft company soo the files whereabouts I know of what I don’t understand is how the software got on my computer and they say the agent which collects all your laptop hardware info Ip serialnumber MAC address etcetera… resides in the BIOS until the software is activated and which I never did nor purchased a license from them…
Some manufacturers include the Absolute Software on a chip.
So it is persistent.
Apparently if you get hold of their tech support they can remove it remotely.
Provided of course you give them the serial number of your lappy and they confirm it’s not stolen.