Virus from Windowsblind

October 9, 2006 1:19 AM from

I just went to download JJ Ying's submission V!VA for Windowblinds and my AV software popped up to warn me that I had recieved W32/HLLP.Philis.ini virus along with the download. It's a low risk virus but that's beside the point. Are these submissions scanned before they are posted? I've never gotten anything from a WB before. Is this possibly a mis-identification?

6,868 views 8 replies

Reply #1 October 9, 2006 8:08 AM from

Stardock Forums Top

What AV Software are you running? Right now, it looks to be something that only McAfee is catching.

Reply #2 October 9, 2006 9:16 AM from

Stardock Forums Top

The virus warning people seem to be getting on this skin appears to only show up under the McAfee scan. Kaspersky, Computer Associates and NOD32 so far have all cleared the skin as clean.

Until we get this confirmed by a second virus scan tool, we're going to assume that it's an anomaly with McAfee and let it stand.

Start11 - Customize the Start Menu and Taskbar in Windows 10/11.

Reply #3 October 9, 2006 9:17 AM from

Stardock Forums Top

Ran an individual scan with AVG for EVERY file within this blind, and turned up nothing...

Also ran an online scan ...again nothing.

JJYing would be extremely careful about things like this.

Reply #4 October 9, 2006 11:11 AM from

Stardock Forums Top

Yes, I'm running McAfee and it could be a McAfee quirk but it did find and delete the file on a full sweep. It could also be like running adware programs, one program doesn't see anything but the next one will. They only see bugs that they have the definitions for.

P.S. "if" there is a virus in the file I don't think that JJYing would have known about it. People with that kind of skill tend to be very conscientious.

Reply #5 October 11, 2006 12:45 AM from

Stardock Forums Top

I only have kapa installed, maybe I need to use another av soft to check them and ensure they are not infacted

Reply #6 October 11, 2006 1:14 AM from

Stardock Forums Top

try mcafee

Reply #7 October 14, 2006 12:50 AM from

Stardock Forums Top

when i downloaded Ares by Mike B from here, it shut down my antivirus, shut down Firefox and then froze my computer. I use Comp.Assoc.AV. Upon restart everything worked fine?

Reply #8 October 17, 2006 2:08 PM from

Stardock Forums Top

I use McAfee and I got the warning, too.

There's a file called "_desktop.ini" within the wba file. The W32/HLLP.Philis virus creates "_desktop.ini" in every folder while looking for executable files to infect.

From what I understand, "_desktop.ini" is not a virus itself and poses no threat - it's a file left behind by the virus, which may be why most anti-virus programs aren't catching it. In any case, anyone who installed the blind should probably delete "_desktop.ini" from the WindowBlinds\V!VA directory if it's there.

ZOOMBA - If you delete "_desktop.ini" from the wba file (which is what McAfee does when it finds it), users won't get the virus warning after they download it.

By the way ... the blind looks great!

Welcome Guest! Please take the time to register with us.

Richer content, access to many features that are disabled for guests like commenting and posting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!