I'm suddenly seeing a lot of the following detections:
Malware name: VirTool:Win32/BeeInject
Process name: C:\Windows\SysWOW64\rpcnet.exe
Path found: file:_C:\Windows\SysWOW64\rpcnet.dll
Rpcnet is a component of Absolute Computrace (a.k.a. Lojack for laptops). It has been installed on my computers for a long time. I plan to submit a false positive report but I didn't see a thread about this yet and wanted to see if anyone else is experiencing this issue.
Thank you for your question.
Here is Win32/BeeInject thread details in MS Malware Encyclopedia.
I suggest you run full scan via Microsoft Safety Scanner or submit the file as sample to Microsoft.
If there are more inquiries on this issue, please feel free to let us know.
TechNet Community Support
We have the same issue too! I already submit the False Positive Report Form(http://www.microsoft.com/security/portal/Shared/VendorFP.aspx) and contact Absolute Software too.
From Computrace: I’m
forwarding the information to our engineers to expedite the whiteflagging of
rpcnet.dll with Microsoft. I’ll keep you updated as I learn more.
It appears to only affect those running computrace agent version 910 (at least in our environment)