I went to http://files.filefront.com/Heartland+Deluxeexe/;6236233;/fileinfo.html and downloaded Hartland_Deluxe.exe. My AVG antivirus says it contains worm/feebs.ki... Can someone checkout this to be sure if this is a false alarm or what. Thank you for your time.
Jerry Parker
Hm, Avira Antivir says the same. Still, occasionally antivirus software will mistake an uninfected file for a virus, so you should wait for a few other oppinions.
Oh yeah, my mirror of that is down. I've stopped paying for that old site. I'll make a new mirror on xiigames tomorrow. Limpy, could you email me the latest version? Email on http://www.xiigames.com right column. (Just in case that other mirror does have a virus.)
Edit: I just DLed and got a virus warning too.
Hmm. That's odd. AVG says it's clean. :-\
Worm/feebs usually spreads via email (according to the AVG virus encyclopedia), but I suppose an .exe could become infected. Regardless, I don't see how it could have suddenly affected that file, since it's the same one that's always been available on FileFront, and this is the first time I've ever heard of a virus warning.
Until we get more information about the FileFront one, you could try downloading from here. (http://aafiles.bicycle-for-slugs.org/incoming/LimpingFish/Heartland_Deluxe.exe) I've scanned that one too and it comes back clean.
EDIT: No problem, Vince. There's a copy on BforS above. And many thanks for your continued hosting generosity (two years and counting!). :)
EDIT: Ah, now this is interesting. I just updated AVG and now it says the file is infected. But here's what's really weird: it says the BforS file is also infected. Which makes me think it may be a false positive, because neither of those files have been changed in the past two years.
Heartland Deluxe is available from a few other sources, so I'll check those too.
EDIT: They're all coming back as positive. WTF.
EDIT: Unbound is coming back positive too! This could be related to the version of 7-zip that was used to compress them as self-extracting archives. More investigating is needed...
Sounds like a false positive. I've had Antivir find the most interesting viruses on the most unusual files. One such was some downloader trojan or worm or whatever on mIRC.exe, appeared mid-runtime. It was gone after the next Antivir virus database update.
Negative on Avast, totally clean here.
Nothing detected with Norton 360.
Clean with Panda Antivirus
Thank all of you for your input. Virus and worms are getting so sophisticated that I try to be careful, but sometimes the anti virus misses.
Quote from: jyparker on Sat 03/01/2009 15:45:04...sometimes the anti virus misses.
I'm still trying to develop an anti-missus virus :-\
Quote from: Stupot on Sat 03/01/2009 16:14:14
I'm still trying to develop an anti-missus virus :-\
Chlamydia should do the trick.
Thanks everybody for taking the time to check the file. :)
It does seem to be triggering a false positive in AVG (I use the free version myself) and Avira, but I can't track down exactly what's causing it.
Newer zipped versions don't seem to trigger it, so I'll replace the uploaded versions in a bit.
EDIT: Both files have been replaced, and I've removed the filefront link from the Heartland Deluxe entry. As far as I can tell, the new versions don't result in a false postive. :)