Win32 klayout.exe 0.19.3 detected as trojan by Kaspersky

edited May 2010 in General


Kaspersky recently started to report the Win32 executable "klayout.exe" in version 0.19.3 as a trojan (Trojan.Win32.Vilsel.abzb). That can be verified with Kaspersky's online scanner (

Only version 0.19.3 is reported, 0.19.2 and 0.20 are not considered dangerous.

klayout.exe of 0.19.2 and 0.19.3 differ in a few bytes only - namely date and version strings. This I hope, serves as a proof that there is no trojan hidden inside klayout.exe in version 0.19.3. Obviously, I have managed to trigger the signature detector inside the Kaspersky scanner.

Best regards,



  • edited November -1
    That's funny ))
    P.S. I'm former Kaspersky's employee
  • edited November -1

    Hi all,

    Kaspersky has removed klayout.exe from their signature files. Lately, all versions have been reported to contain a virus. Kaspesky has confirmed that it was a false positive and changed their signatures accordingly. klayout.exe now is clean.

    McAfee who also reported klayout.exe as containing a virus sent a note that it would take 4 to 6 weeks to confirm the false positive ...


  • edited November -1

    Could someone also contact AVG as they see Klayout as also containing a Virus

    The message reads "Trojan Horse Generic19ADEW"

    Even the version I had already installed I try downloading the latest version and still does it.
  • edited November -1
    not sure if this link works but.
    Tested this file with Virustotal.
    and the problem is alot farther reaching that whats been posted above. Klayout is being flagged by 19 ot of 43 possible scan engines.
  • edited November -1
    I have submitted it to Avast as a false positive. hope that solves it for some.
  • edited November -1

    Thank you for taking care of that.


Sign In or Register to comment.