ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

DonationCoder.com Software > JGPaiva's GridMove and Ahk Tools

Kaspersky Reports Gridmove as containing Trojan.Win32.AutoHK.fe

(1/2) > >>

benrifkah:
Greetings,

I'm running Gridmove v1.19.62 On Win 7 Home Premium 64 and it's working great!

However, this morning I got a report from Kaspersky Anti-Virus 6.0 with the latest virus definition database (2010-03-16 06:27:00) saying that c:\program files (x86)\GridMove\GridMove.exe contains "Trojan.Win32.AutoHK.fe".

Unfortunately, Kaspersky's virus dictionary doesn't have anything on the suspected trojan that they're reporting: http://www.viruslist.com/en/search?VN=Trojan.Win32.AutoHK.fe&referer=wks.  It seems a little odd that they'd report a trojan without having any information about what it does but they apparently have a number of Auto Hot Key related definitions in their database without any explanation: http://www.viruslist.com/en/find?search_mode=full&words=Trojan.Win32.AutoHK

I'm betting this is a false positive.

jgpaiva:
:(
It is a false positive.
And unfortunatelly I have already compiled GridMove without binary compression, which means there really isn't much I can do...

benrifkah:
:(
It is a false positive.
And unfortunatelly I have already compiled GridMove without binary compression, which means there really isn't much I can do...
-jgpaiva (March 16, 2010, 02:44 PM)
--- End quote ---

I figured as much.  I mainly posted here so that an explanation would show up in search result for others that get the same report and aren't sure what to do.

I reported it as a false alarm to Kaspersky so we'll see.

Thanks for the quick reply.

jgpaiva:
Thank you for your effort!
Let's see if it gets solved :)

[edit]
I've just noticed that what's flagged is "autohotkey", the language gridmove is built on... Sorry to see that, it means every program compiled with it gets that flag :(

benrifkah:
I reported it as a false alarm to Kaspersky so we'll see.
-benrifkah (March 16, 2010, 03:11 PM)
--- End quote ---

Good News!

Just got this email from Kaspersky:

RE: [VirLabSRF][False Alarm][M:1][LN:EN][L:0] [KLAN-65305705]
   
Hello,

Sorry, it was a false detection. It will be fixed in the next update.
Thank you for your help.

Best Regards,
Oleg Yurzin

Malware Analyst
Kaspersky Lab

--- End quote ---

Navigation

[0] Message Index

[#] Next page

Go to full version