Of course check to see if any of the files/registry entries listed are on your computer. I'm afraid the only place any of us can get any info on if this one is a false positive is from Trendmicro. Have you contacted them to ask?

Since the trojan you referred to seems to drop modified mirc.ini and script.ini, i'd also take a look at the ones you have. If they look like they should, perhaps something in your legit ini files resemble a known trojan string. (it certainly isnt uncommon to have backdoors and nasties in scripts ppl download) Maybe include yours in a report to Trendmicro to give them something to go on? NOTE: be sure to remove any passwords you may have in your ini files before sending them off!

i'm not aware of anyone recieving emails from Trendmicro other than the one saying their virus doctors were looking into it. All any of us can do is check for what they say are dropped by these trojans and contact them if none of them are found. They need to know lots of ppl are having the problem and it isnt an isolated event. I know i'm not giving you any answers, but i cant, only Trendmicro can explain whats going on. If they are false positives, hopefully Trend will patch for them soon and stop giving us all gray hair.


ParaBrat @#mIRCAide DALnet