Symantec detects RTI Real-Time Connect app as Trojan.Gen.2?

3 posts / 0 new
Log in or register to post comments
Last post
Tue, 08/23/2011 - 06:44
#1
Frank J. Crow
Frank J. Crow's picture
Offline
Last seen: 12 years 11 months ago
Joined: 04/08/2011
Posts: 12
Symantec detects RTI Real-Time Connect app as Trojan.Gen.2?

Symantec Endpoint Protection detects the C:\Program Files\RTI\RTI Real-Time Connect 4.5d\bin\i86Win32\rtirtc_timesten.exe file as a Trojan.Gen.2.   I think that it is a case of a false positive.   Of course, my Symantec is administrated by the IT staff and I have no control over it.  

 

Both myself and a coworker have this same problem.   It think that it is highly unlikely that we would both get the same unused file infected by a Trojan.

 

Not impossible but highly unlikely.   Unless there is a Trojan out there that somehow is targetting RTI Real-Time connect exclusively... I don't believe it.

 

Would be nice to have an MD5 checksum or something to verify though.

 

AttachmentSize
Image icon RTI-Trojan.JPG32.69 KB
Image icon RTI-Trojan-2.JPG67.98 KB
Organization:
Keywords:
Top
Thu, 09/15/2011 - 13:18
Ronald
Offline
Last seen: 11 years 9 months ago
Joined: 10/14/2010
Posts: 5

 

Hello Frank,

 

This should be a case of false-positive. We were able to reproduce this symptom using Symantec Antivirus 10.1.5, and we have submitted a false-positive report to Symantec. 

 

Best regards,

Ronald

 

Top
Fri, 09/23/2011 - 15:56
Ronald
Offline
Last seen: 11 years 9 months ago
Joined: 10/14/2010
Posts: 5

 

Hello Frank,

 

Symantec have responded to our false-positive report, and they updated their virus definition file. Using the latest version "9/23/2011 rev. 2", I rescanned the same files and now Symantec doesn't report the virus anymore. Can you try to update your virus definition?

 

Best regards,
Ronald

 

Top