Just Got Infected Win32:Induc.A

Today I downloaded 2 programs, GIMP and paint.net. I liked paint.net better so I uninstalled GIMP with Glary Utilities like I so to all other programs I no longer want. After installing two programs I’ve. Never heard of, I decided to run a boot scan. I was shocked when it found Win32:Induc.A in joinexe.exe in Glary Utilities. I didn’t see what the first was but it was probably Induc.B. I moved both to the chest and am waiting for the scan to finish (this is from my iPod). When the scan is done, what should I do?

Hey!
First of you did the right think sending this file to the chest. You can uplode those files to virustotal.com and check that they are real threat. if they are you can send them to avast for analyses. from the virus chest you can right click the files and send them to avast something like that.

Lets hope someone with a better knowledge with how you send files for analyses can give you better information how you send files to avast for analyses.

you can also give MBAB and SAS a try.

http://www.filehippo.com/download_superantispyware/
http://www.filehippo.com/download_malwarebytes_anti_malware/

god luck and write back if you get any problem

Ok. If I had just checked the swarm of posts similar to mine, I wold have seen it’s a non-damaging infection of Delphi-based programs that has appeared this week.

Hey, is it safe to uninstall Glary Utilities now after it was just infected? I’ve heard registry editors are bad anyway.

I never found Glary Utilities any good at all.

I like:
xp-AntiSpy
http://www.xp-antispy.org
TweakNow PowerPack 2009
http://www.tweaknow.com/powerPack.html
XdN Tweaker
http://xenomorph.net/?page_id=336

Listening to the Phantom of the Opera while having my morning coffee.

I uninstalled it for now at least until they come out with a one with the fixed source code. Even if this Induc isn’t carrying any payload, I still don’t like it.

See the comment by Michal Trs

http://blog.avast.com/2009/08/19/win32induc-new-concept-of-file-infector/#comment-953

Glary Utilities (build 2.15.0.728) is infected. Last build 2.15.0.738 from 18. August is clean.