Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: 6MONTAGE on March 18, 2005, 12:23:59 AM

Title: Redlof in TrendMicro
Post by: 6MONTAGE on March 18, 2005, 12:23:59 AM
Avast idenifies Redlof in TrendMicro Damage Cleaner system.exe file.

Although I run Avast regularly, as a failsafe I also run TrendMicro Damage Cleaner once a month. This TrendMicro program purportedly deletes any Trojans etc.

So: Is this a bogus message? (The "infection" appears nowhere else.) Also, the recommended action is Move to Chest. If the infection is real, why isn't the recommended action to Delete?
Title: Re: Redlof in TrendMicro
Post by: DavidR on March 18, 2005, 12:40:42 AM
If you are getting a virus warning that you believe is a false positive, then if you can zip and password protect ('virus', will do) the suspect file and send it to virus @ avast.com (no spaces).

Give a brief outline of the problem, the fact that you believe it to be a false positive and include the password in the body of the email. Some info on the avast version and VPS number (see about avast {right click avast icon}) will also help.

You could also check the offending/suspect file at: Jotti - Multi engine on-line virus scanner (http://virusscan.jotti.org/) if any other scanners here detect them it is less likely to be a false positive.
Title: Re: Redlof in TrendMicro
Post by: FreewheelinFrank on March 18, 2005, 06:05:01 PM
I had this problem too. I found the answer somewhere in this forum, I think. Anyway, the answer was that the Trend Micro program does not contain a Trojan, but does contain unencrypted malware defintions which avast! will see as a Trojan. The answer is to turn off on-access protection (right click the avast! globe) before launching the Trend program- not forgetting to turn it back on when the Trend scan has finished, of course.

Do a search to find the detailed answer in this forum which I just summarised above.

I have sent the Trend program to avast! but I probably wasn't the first. The avast! team know about the occurrence, and have explained the reason and given an answer  on this forum, so they might be mildly annoyed if we keep sending them the thing in emails.
Title: Re: Redlof in TrendMicro
Post by: Lisandro on March 18, 2005, 06:50:34 PM
Wow... Trend Micro is doing the same bad job as Panda when does not encrypt the signatures  :P >:(
Title: Re: Redlof in TrendMicro
Post by: gingerlily on March 19, 2005, 07:34:41 PM
I also got a virus alert message about sysclean.exezz, which had put itself on my desktop. I had gone to Trend free scanner, but it informed me that it did not work on Firefox, so I just forgot all about it.

When I saw this suspicious file on my desktop, I right clicked on properties and Avast started its warning. I have sent the virus to Avast.

I am not a techie person and only a week ago I had to reformat my PC which had been attacked by some nasty......I kept getting a message "1% is not a valid win32 application"

In the end, my PC was so mucked up, I had to reformat.

I am now terrified of these nasties.

What is Redlof...is it dangerous and how can I avoid it in future?