topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Friday April 19, 2024, 11:45 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

« previous next »
Pages: [1] • bottom

Author Topic: Kaspersky Reports Gridmove as containing Trojan.Win32.AutoHK.fe  (Read 7635 times)

benrifkah

  • Participant
  • Joined in 2010
  • *
  • default avatar
  • Posts: 3
    • View Profile
    • Donate to Member
Kaspersky Reports Gridmove as containing Trojan.Win32.AutoHK.fe
« on: March 16, 2010, 12:42 PM »
Greetings,

I'm running Gridmove v1.19.62 On Win 7 Home Premium 64 and it's working great!

However, this morning I got a report from Kaspersky Anti-Virus 6.0 with the latest virus definition database (2010-03-16 06:27:00) saying that c:\program files (x86)\GridMove\GridMove.exe contains "Trojan.Win32.AutoHK.fe".

Unfortunately, Kaspersky's virus dictionary doesn't have anything on the suspected trojan that they're reporting: http://www.viruslist.com/en/search?VN=Trojan.Win32.AutoHK.fe&referer=wks.  It seems a little odd that they'd report a trojan without having any information about what it does but they apparently have a number of Auto Hot Key related definitions in their database without any explanation: http://www.viruslist.com/en/find?search_mode=full&words=Trojan.Win32.AutoHK

I'm betting this is a false positive.

jgpaiva

  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 4,727
    • View Profile
    • Donate to Member
Re: Kaspersky Reports Gridmove as containing Trojan.Win32.AutoHK.fe
« Reply #1 on: March 16, 2010, 02:44 PM »
:(
It is a false positive.
And unfortunatelly I have already compiled GridMove without binary compression, which means there really isn't much I can do...

benrifkah

  • Participant
  • Joined in 2010
  • *
  • default avatar
  • Posts: 3
    • View Profile
    • Donate to Member
Re: Kaspersky Reports Gridmove as containing Trojan.Win32.AutoHK.fe
« Reply #2 on: March 16, 2010, 03:11 PM »
:(
It is a false positive.
And unfortunatelly I have already compiled GridMove without binary compression, which means there really isn't much I can do...
-jgpaiva (March 16, 2010, 02:44 PM)

I figured as much.  I mainly posted here so that an explanation would show up in search result for others that get the same report and aren't sure what to do.

I reported it as a false alarm to Kaspersky so we'll see.

Thanks for the quick reply.

jgpaiva

  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 4,727
    • View Profile
    • Donate to Member
Re: Kaspersky Reports Gridmove as containing Trojan.Win32.AutoHK.fe
« Reply #3 on: March 16, 2010, 04:36 PM »
Thank you for your effort!
Let's see if it gets solved :)

[edit]
I've just noticed that what's flagged is "autohotkey", the language gridmove is built on... Sorry to see that, it means every program compiled with it gets that flag :(

benrifkah

  • Participant
  • Joined in 2010
  • *
  • default avatar
  • Posts: 3
    • View Profile
    • Donate to Member
Re: Kaspersky Reports Gridmove as containing Trojan.Win32.AutoHK.fe
« Reply #4 on: March 16, 2010, 05:23 PM »
I reported it as a false alarm to Kaspersky so we'll see.
-benrifkah (March 16, 2010, 03:11 PM)

Good News!

Just got this email from Kaspersky:

RE: [VirLabSRF][False Alarm][M:1][LN:EN][L:0] [KLAN-65305705]
   
Hello,

Sorry, it was a false detection. It will be fixed in the next update.
Thank you for your help.

Best Regards,
Oleg Yurzin

Malware Analyst
Kaspersky Lab

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Kaspersky Reports Gridmove as containing Trojan.Win32.AutoHK.fe
« Reply #5 on: March 17, 2010, 08:44 AM »
Cool that Kaspersky take the time to answer :Thmbsup:
- carpe noctem
Pages: [1] • top
« previous next »