Home : Products : Hach WIMS : Hach WIMS Client : Documentation : Troubleshooting : Trend Micro Antivirus detects Hach WIMS Services as Malicious
Q12344 - KNOWNISSUE: Trend Micro Antivirus detects Hach WIMS Services as Malicious

SYMPTOMS:

After a Trend Micro virus definition update on or around '6/26/2009' we are experiencing a known issue where our main services are not working.  If you have a Trend Micro antivirus product, you may notice that your ADOCALC, GNR and other Hach WIMS NT services are no longer operational.  If you investigate further, you will notice that your Hach WIMS services are no longer running, nor are they listed in the Windows Services Manager.

This is believed to be a situation related to another known issue found here.

CAUSE:

This situation is caused by the virus definition update mentioned above.  This update causes the Hach WIMS NT Services to be falsely identified by the antivirus program as an "GRAY_Sml.0Z2011S", which is a form of virus or malicious software.  Once labeled a virus, the services are uninstalled and the associated executables are deleted from the system.

WORK-AROUND:

The work around in the related known issue with Norton and McAfee antivirus products has not been proven to work, but instructions on that work around can be found here.  Otherwise, at this time, we are unable to offer a direct solution or work around specific to Trend Micro's products.

UPDATE (7/1/2009): The linked article's work-around does not work in field testing because the Trend Micro software blocks the reinstallation of the NT Services.  The executables being affected can be restored, but the services can not be reinstalled.

SOLUTION:

UPDATE(7/10/200(): Trend Micro has informed us that in the 7/14/2009 regularly scheduled Tuesday update, the Hach WIMS / OPS SQL services will no longer be detected as malicous by the Trend Micro line of products.

As of the July 14th, 2009 update, the Trend Micro software should no longer detect the Hach WIMS services as a malicious software.  At that time, please download the latest updates and follow these instructions to repair the services on your server(s):

HOWTO: Restoring Hach WIMS Services after Antivirus removal
HOWTO: Restoring OPS SQL Services after Antivirus removal

Related Articles
Q11941 - KNOWNISSUE: Symantec Antivirus (aka Norton AV, Norton 360, ...) and McAfee detects OPS SQL Services as malicious software or virus

Article Attachments
No Attachments Available.

Related External Links
No Related Links Available.
Help us improve this article...
What did you think of this article?

poor 
1
2
3
4
5
6
7
8
9
10

 excellent
Tell us why you rated the content this way. (optional)
 
Approved Comments...
No user comments available for this article.
Created on 6/30/2009 11:40 AM.
Last Modified on 7/10/2009 3:20 PM.
Last Modified by No Author Name Available!.
Article has been viewed 5666 times.
Rated 6 out of 10 based on 4 votes.
Print Article
Email Article