VIRUS DETECTION INCIDENT REPORT

Date: Nov. 14, 2009

OS: Windows Vista Home Premium SP 1
(New: Installed on Sept. 27, 2009)
Manufacturer: HP
Model: p6110f
Processor: Pentium Dual-Core CPU E5300 @ 2.60Ghz 2,60GHz
Memory Ram: 6GB
System Type: 64-bit OS
USE: Personal (home)

My own skills level (computer and internet): Beginner.

INCIDENT:

• On Nov. 14, 2009 I downloaded (Resort Labs) Link Commander 4.5.1.1172 from Software Informer web site (software reseller)
• When I opened the file to install the application in my computer (3:35 p.m.), an alert pop up from my G Data Internet Security 2010 appeared on my screen saying

Virus: Win32.Induc.A (Engine A)
(this new antivirus uses 2 different scan engines)
An attempt was made to open an infected file.
File: is-L6VNR.tmp
Directory: C:\Program Files (x86)\Link Commander

•As the virus was already under control and the installation process in progress, I finished it; but I scanned my computer immediately after. Quick scan results:

With G Data IS (first):
Virus (quarantined): Win32:Induc File: loc_setup.exe Directory: C:\Users\David\Downloads

With Prevx3.0.5.23 (after):
None infection found (3:43 p.m.).

• When the application opened by itself its Welcome to the Link Commander New Collection Wizard window (3:46 p.m.) my G Data opened its Virus Alert pop up again:

Virus: Win32.Induc.A (Engine A)
An attempt was made to open an infected file.
File: is-7SA9N.tmp
Directory: C:\Program Files (x86)\Link Commander

Windows opened “Problem Reports and Solutions” at the same time the G Data virus alert appeared saying:

Download updates for Windows.
Your computer might be missing updates that can help improve its stability and security.

But my computer was 100% update in everything. My Windows Update and HP Update are always on, I use CNET TechTracker and I check a couple times every day.

• I scanned my computer immediately.

• Again, as the virus was under control and the application, ready to be used, I used it. I thought the problem wasn’t the application itself but the source (Software Informer) so all I had to do to avoid it in the future (if I need to redownload that same software some day) was getting it somewhere else (I have downloaded A LOT of stuff from different web sites and this was the first time that my AV detect something harmful during the process) (I used to have an XP with ZoneAlarm Security Suite before)
• But, as a last resource, I had to use System Restore to fix my mouse pointer that was freezing periodically for 1-3 seconds (my Norton Internet Security 60 day trial that came with the computer caused several problems, and that was one of them) so I needed to redownload Link Commander a lot sooner than expected and, even I went to another web site to get it (Cnet Downloads, a very trusted site) it happened exactly the same thing (Nov. 21, 2009)

• Considering that
-This virus is severely harmful (MS Malware Protection Center),
-there are no obvious symptoms of it (MS Malware Protection Center) and
-Link Commander is a very well ranked and popular application available in a lot of download
sites over the Internet and offers a 30 day fully functional trial, all of which favors any virus
spread,
it is important to do something to let the people know about this problem in Link Commander, and some ofyou out there must know how better than me.

I hope this report is useful for that purpose.

David.