Win32 klayout.exe 0.19.3 detected as trojan by Kaspersky

edited May 2010 in General


Kaspersky recently started to report the Win32 executable "klayout.exe" in version 0.19.3 as a trojan (Trojan.Win32.Vilsel.abzb). That can be verified with Kaspersky's online scanner (

Only version 0.19.3 is reported, 0.19.2 and 0.20 are not considered dangerous.

klayout.exe of 0.19.2 and 0.19.3 differ in a few bytes only - namely date and version strings. This I hope, serves as a proof that there is no trojan hidden inside klayout.exe in version 0.19.3. Obviously, I have managed to trigger the signature detector inside the Kaspersky scanner.

Best regards,



  • edited 1:54PM
    That's funny ))
    P.S. I'm former Kaspersky's employee
  • edited 1:54PM

    Hi all,

    Kaspersky has removed klayout.exe from their signature files. Lately, all versions have been reported to contain a virus. Kaspesky has confirmed that it was a false positive and changed their signatures accordingly. klayout.exe now is clean.

    McAfee who also reported klayout.exe as containing a virus sent a note that it would take 4 to 6 weeks to confirm the false positive ...


  • edited 1:54PM

    Could someone also contact AVG as they see Klayout as also containing a Virus

    The message reads "Trojan Horse Generic19ADEW"

    Even the version I had already installed I try downloading the latest version and still does it.
  • edited 1:54PM
    not sure if this link works but.
    Tested this file with Virustotal.
    and the problem is alot farther reaching that whats been posted above. Klayout is being flagged by 19 ot of 43 possible scan engines.
  • edited 1:54PM
    I have submitted it to Avast as a false positive. hope that solves it for some.
  • edited 1:54PM

    Thank you for taking care of that.


Sign In or Register to comment.