Virus Found in Windowblind Skin File

Is this Possible?

Monday, February 26, 2007 by Damilee | Discussion: Skinning

Recently, while running a routine virus scan on my system, I found a virus in a windowblind file. Is this even possible? I mean it couldn't have been intentional, right?
19 Reply 14 Referrals
vStyler
Reply #1 Monday, February 26, 2007 2:59 AM
uunfortunately something in Wb's sets off some virus scanners.. Ive had them rejected from both Yahoo and Hotmail and labeled as viruses.

not sure if its anything to do with your issue..

..frustrating.

Im sure someone can elighten us though.

Fairyy~
Reply #2 Monday, February 26, 2007 3:03 AM
In all the years I've downloaded tons of skins from WC - I've never once has a virus in any of them...Im not saying its not possible but sometimes you get false positives from antivirus ....did you email a moderator with name of skin so they can check ?

Damilee
Reply #3 Monday, February 26, 2007 3:20 AM
Actually, it was a skin I got off of Deviantart, which was also an entry in the GUI Olympics. I have tried to search for the skin on Deviantart again and can't find it, although it is still listed on the GUI Olympics site.

Uvah
Reply #4 Monday, February 26, 2007 3:27 AM
I've got several WBs from Deviantart. If you can provide the name perhaps I can help.All those I've downloaded are scanned first before installing, just in case.

Bebi Bulma
Reply #5 Monday, February 26, 2007 3:35 AM
I've heard about that. I think it was just a desktop.ini file and it's a false positive. It's no virus.

vStyler
Reply #6 Monday, February 26, 2007 4:23 AM
What explains Yahoo and Hotmail freaking out over WB files then?

Uvah
Reply #7 Monday, February 26, 2007 5:00 AM
Neither one supports them supposedly. They're very sensitive to certain file types and false positives are the norm. I've experienced a few...no big deal.

thomassen
Reply #8 Monday, February 26, 2007 5:43 AM
Unless someone added an executable into the skin file then there is no way a skin file contains a virus.

Zoomba
Reply #9 Monday, February 26, 2007 6:32 AM
To help track this down, please provide:

1.  Name of Skin (and download link)
2.  Name of the Virus your scanner is detecting
3.  What AntiVirus software you're using.

Fairyy~
Reply #10 Monday, February 26, 2007 9:58 AM
What explains Yahoo and Hotmail freaking out over WB files then?


Hotmail freaks out over a Rainlendar Zip. I remember last year mailing someone a Rainy zip and she said it couldnt be opened because hotmail said it was a virus. So I sent her the Rainy on 12 different emails piece by piece and told her to put it all in a folder and there was no problem sending it that way. Hotmail is weird at times - or its the settings that you choose - im not sure , I dont use hotmail and Ive never had trouble with yahoo mail not accepting big files.

Erk.
Reply #11 Monday, February 26, 2007 10:15 AM
I seem to recall one of JJYing's entries in the GUI Champs flagging as containing a virus. I ran checks with AVG and an online scanner at the time and turned up nothing. JJYing is a great artist, and would never intentionally include a virus in his work.

Perhaps it was that blind that set off your AV alert.

There is no cause for concern, the blind is safe to keep & use [if that was the one].

Damilee
Reply #12 Monday, February 26, 2007 9:17 PM
The Windowblind skin was FROIS-01 and the anti-virus software is CA, I don't have the name of the virus, it was a couple of weeks ago and I tried to look at the scan log but it has been scanned again since then. Also, I thought that I had downloaded it from Deviantart, but I can't find it there. It must have been from the GUI Olympics site WWW Link

Quentin94
Reply #13 Monday, February 26, 2007 9:21 PM
i have scan the file with AVG and nothing there are no virus for AVG 7.5

Damilee
Reply #14 Monday, February 26, 2007 9:26 PM
I thought it was pretty weird...Also could have sworn I downloaded from DA.

Nimbin
Reply #15 Tuesday, February 27, 2007 9:13 PM
i wouldn't worry, i have downloaded a few skins and got false positives at times

i think it's the way some of the files are set up, if in doubt, never download the skins directly into window blinds, always download then and save the file then scan them, before importing them into windowblinds. window blinds is one of the best programs i have ever come across and i am sure the makers would be onto the ass of anyone trying to send viruses through this particular program


Gideon MacLeish
Reply #16 Tuesday, February 27, 2007 9:47 PM
Hotmail is weird at times - or its the settings that you choose - im not sure , I dont use hotmail and Ive never had trouble with yahoo mail not accepting big files.


I'll vouch for that. My camera phone sends in bitmap format...don't ask me why...and I have to convert it before I can send it on because hotmail "no likey" bitmaps.

unclerob
Reply #17 Tuesday, February 27, 2007 10:19 PM
Glad to hear that it was a false positive.

But more to the point, yes it's very possible for malware (virus, spyware, adware, etc.) to hide inside a wb skin folder. It also seems that this would be a great way to transmit viruses & spyware to alot of other pc's if people aren't careful.

All of the submissions that are uploaded to this site are personally reviewed by moderators before being released to the downloading public. If some form of malware did get zipped up inside of a wb theme file, I'm sure someone at this site would have found it before it gets released to the rest of us.

However, take responsibility for your own pc. Scan for viruses & spyware regularly and make sure your machine is up to date with the latest & greatest security/critical patches from M$ , and if you're running winxp (or win2k pro?), alot of users will be running as the local admin account for their machine (instead of running as a restricted user account type) - don't download & install every piece of software on this planet. If you do download & install something on your machine, make sure that it's virus/spyware free - don't assume that it's clean and don't download pirated software: the latest fad for malware authors is to hide their spyware & virus creations inside of much sought after software that people download for free from some p2p/torrent site.
The next time you download some form of "free" warez, take into account you may be getting more than just pirated software installed on your machine.



NightTrainthedark
Reply #18 Wednesday, February 28, 2007 7:06 AM
If someone has "show hidden folders" turned on, and packages their skin manually, the file will have the desktop .ini and thumbs db file zipped up inside the skin file. Your AV prog is probably picking that up.

thomassen
Reply #19 Wednesday, February 28, 2007 9:39 AM
If someone has "show hidden folders" turned on, and packages their skin manually, the file will have the desktop .ini and thumbs db file zipped up inside the skin file. Your AV prog is probably picking that up.

Eh, any why should AV programs e bothered about those files? Or is it hidden files in general?

Please login to comment and/or vote for this skin.

Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:

  • Richer content, access to many features that are disabled for guests like commenting on the forums and downloading skins.
  • Access to a great community, with a massive database of many, many areas of interest.
  • Access to contests & subscription offers like exclusive emails.
  • It's simple, and FREE!
Login

Home | About | Privacy | Upload Guidelines | Terms of Service | Help
Copyright © Stardock Corporation. All Rights Reserved.


web-wc01