That chubby swede (sleepy) wrote,
That chubby swede
sleepy

  • Mood:

Clueless bastards

I got really upset this morning, the corporate wide anti-virus client bitched about a trojan. Well, guess what... it reports that the completely legitimate and explicitly installed Distributed.net Client is a trojan. Sure, there is droppers (malware that install other malware) for this floating around on the internet but these installations at the office are legitimate and done on purpose, to participate in the contest.

The OfficeScan Client didn't even manage to remove or quarantine the said trojan... which tell us that the OSC sucks/blows and is terribly broken.


From: (my email address)
To: (address of TrendMicro support)
CC: (abuse address of distributed.net)
Subj: False Positive, DNETC.EXE

I would like to report that your product detects false positives, the DNETC.EXE is a Distributed.net RC5-72 Client and NOT a trojan. This is detected as "TROJ_DISTNET.A".

It is explicitly installed on workstations to participate in the RC5-72 competition, see http://www.distributed.net/rc5/ . I have been a participant (http://stats.distributed.net/participant/psummary.php?project_id=8&id=335498) of the RC5-72 competition since 2002-Dec-07 (1383 days).

THIS IS NOT A TROJAN!

The product that reports this is TrendMicro OfficeScan (Eng/Ptn 8.310/3.765.00 DCE/DCT 3.6/363), fix your product -- it's broken.

Regards, Christopher.


I'll update this when I get a reply.

Update:
I uninstalled all clients, even from some development servers which are "protected" with TrendMicro ServerProtect, a sister client to the OSC that runs on workstations, the ServerProtect Client (SPC for short) didn't report anything, not even while uninstalling the said "trojan".
Tags: trojans, virus
Subscribe
  • Post a new comment

    Error

    default userpic

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 2 comments