Results 1 to 8 of 8

Thread: Win32:Induc

  1. #1
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post
    This morning I upgraded my iTunes in the usual online fashion. Afterward it required a restart. When I did I was greeted with an Avast warning that it had found WIN32:INDUC in the VISTASTARTMENU.EXE file and I let it be moved to the chest. I immediately used Revo to uninstall the program.

    When I went Googling I found this TODAY release: Kaspersky Lab reports the detection of a virus infecting applications created with Delphi

    It says the virus attacks Delphi produced programs and I don't know what the heck VistaStartMenu (or iTunes for that matter) is programmed in.

    Has anyone else gotten this warning? Might it be a false positive? I'm thinking NOT on the basis of the TODAY press release AND the fact that Avast already knew about it. What say other Loungers?

  2. #2
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post
    A followup

    I also found this ominous reading at the Avast blog: avast! blog Win32:Induc, new concept of file infector?

    I've been using VistaStartMenu for quite some time and haven't required an update for awhile. I don't think it does any web access, so I don't know how it possibly got infected by this bummer!

    I just had Avast manually scan every file in the iTunes folder(s) and it comes up clean, so I still don't know if iTunes was the carrier or not. I would have thought that Avast realtime scanning would have screamed if I had picked it up at some site I visited this morning. I did visit a bunch of sites looking for a Honeymooners video, including YouTube and others. But again, if it was somewhere I went this morning you'd think Avast would have caught it immediately, not after a reboot.

    I'm obviously not gonna re-install VistaStartMenu but I'm also running scared of where else this @#$%^&* thing might sneak in!

  3. #3
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post
    More Followup!

    Continuing my quest, just in case anyone else gets "hit" with this thing. I found these TWO posts from Dennis, the author of VistaStartMenu in their forum:
    From: OrdinarySoft
    Date: Tue, 18 Aug 2009 22:39:11 +0300
    Local: Tues, Aug 18 2009 3:39 pm
    Subject: Re: [vistamenu] NOD32 ESET think the application is a variant of Win32/Induc.A virus
    Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
    Hi,

    You need use latest version - 3.21

    > I just got this today.

    --
    Best regards, Dennis Nazarenko


    From: OrdinarySoft
    Date: Wed, 19 Aug 2009 09:49:19 +0300
    Local: Wed, Aug 19 2009 2:49 am
    Subject: Virus.Win32.Induc.a
    Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
    Hi,

    The version 3.2 has a virus inside
    I'm really sorry for the inconvenience.

    This virus is not dangerous.
    Please read more detail descriptions here -
    http://www.viruslist.com/en/weblog?weblogid=208187826
    http://www.delphipraxis.net/topic163041_vi...cts+delphi.html

    Please uninstall your current version and setup new one.

  4. #4
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Is there a connection with iTunes? It's a bit mysterious how you got this software in the first place.

  5. #5
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post
    [quote name='jscher2000' post='789823' date='19-Aug-2009 16:25']Is there a connection with iTunes? It's a bit mysterious how you got this software in the first place.[/quote]
    Well, I don't think so, but that's only a guess based on the fact that Avast (which "knows" about this one) says that ALL the files from iTunes are clean, but it could very well have been the carrier and turned it loose looking for Delphi programs. I don't know who to contact at Apple or I would ask them about this.

    Meanwhile, I found stuff on the Delphi web via Dennis' link above that says the virus DOES NOTHING, so is harmless. They have a small procedure there for future prevention, but files they say to mess with are not on my machine. I suppose the removal of VistaStartMenu got rid of them.

  6. #6
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post
    [quote name='Bigaldoc' post='789828' date='19-Aug-2009 16:47']Meanwhile, I found stuff on the Delphi web via Dennis' link above that says the virus DOES NOTHING, so is harmless. They have a small procedure there for future prevention, but files they say to mess with are not on my machine. I suppose the removal of VistaStartMenu got rid of them.[/quote]
    Al,
    I've been using Vista Start Menu ( free ) for some time now but don't do any itunes stuff.
    Is that the free version ( 3.21 ) or the Pro version you were using?
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  7. #7
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post
    [quote name='viking33' post='789861' date='19-Aug-2009 19:59']Al,
    I've been using Vista Start Menu ( free ) for some time now but don't do any itunes stuff.
    Is that the free version ( 3.21 ) or the Pro version you were using?[/quote]

    BTW, I just downloaded a new copy of 3.21 and scanned it with Anti-virus and Malwarebytes. Nothing found.
    BOB
    http://lounge.windowssecrets.com/S/flags/USA.gif http://lounge.windowssecrets.com/S/f...sachusetts.gif


    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  8. #8
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post
    [quote name='viking33' post='789862' date='19-Aug-2009 20:05']BTW, I just downloaded a new copy of 3.21 and scanned it with Anti-virus and Malwarebytes. Nothing found.[/quote]
    Per guidance from Dennis in my Post 789819 above, I too downloaded 3.21 and installed it. Avast is not complaining and it comes up clean.

    The one that got "infected" WAS 3.2

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •