GridMove Identified by Symantec AntiVirus as Backdoor Trojan

Matt Caspermeyer:
Today (July 11, 2008), Symantec AntiVirus identified GridMove as a Backdoor.Trojan with the 7/9/2008 rev. 3 definition file and deleted GridMove.exe from the Program Files folder and also the application link from Startup.

I imagine I can just re-install GridMove and it should be okay, but I'm pretty sure this is a false positive by Symantec AntiVirus since the previous definition file did not detect an infection, no other programs are infected, and GridMove launches on startup every time. Has anyone else had the same problem? I'm running Windows XP x64 if that makes any difference.

Here's a picture of what Symantec AntiVirus did:



Thanks for any information you can provide.

jgpaiva:
Not again... GRR, damn! Antivirus programs frequently flag programs made with AutoHotkey, and yes, that's a false positive.
Thanks a lot for the heads up, Matt! Most people just delete it and go on with their lives, I'm glad you took the time to post here.
I have been making some updates to GridMove, and next week I expect to post a new version. This new version will be compiled with the most recent version of AHK, thus, it'll have no problems with antiviruses (at least, for some time  :'()
Sorry for the inconvenience, Matt!

Matt Caspermeyer:
jgpaiva:

Thanks for the reply!

I'm more disappointed in the fact that Symantec blew  :'( GridMove away (GridMove is one of my favorite little apps! 8)), without giving me a chance to save it!

Hmmm... since I rarely reboot, and since GridMove is still in memory (Hah! Symantec didn't remove it from memory!), maybe I'll try holding off reinstalling it until you get the new version of GridMove posted (I can probably go a week or two without rebooting unless Symantec (or usually it's Microsoft with an update) makes me).

Can't wait for the new version - thanks and keep up the awesome work! :Thmbsup:

jgpaiva:
You don't actually have to go without rebooting.
Just change the name of the executable to GridMove2.exe or something, I'm pretty sure it won't delete it then ;)

--- Quote ---
Can't wait for the new version - thanks and keep up the awesome work! :Thmbsup:
-Matt Caspermeyer (July 11, 2008, 04:52 PM)
--- End quote ---
:) I hope it'll bring some good improvements. Right now, I already have the "drag to edge" method working with multi-monitors, a long-overdue feature.
I also intend to clean up the menus a bit, improve the about box and hopefully add a "cycle to next grid element" feature that I think is really cool and has been requested a few times already ;)
(But shhh.. no one can know about this, it's supposed to be a surprise  :tellme:)

lanux128:
judging from the screenshot, Symantec AV has made a poor decision as it deems a "successful healing" is merely deleting the file but being unable to remove it from memory, leaving the user's PC in a vulnerable state. :down: luckily for Symantec, GridMove is NOT a virus/malware.
