Anybody With Adobe 6 Infection Win.32.luder.a@mm

Ginawild

has anyone seen this?? showed up this morning after my computer scanned while I was sleeping. This is the detailed information. I don't even run Adobe 6 anymore ... upgraded awhile ago. Is this a real virus, and if so, what's my best course of action?

C:\WINDOWS\Cache\Adobe Reader 6\Data1.cab=>acroaum.exe Infected: Win32.Luder.A@mm

C:\WINDOWS\Cache\Adobe Reader 6\Data1.cab=>acroaum.exe Disinfection failed

C:\WINDOWS\Cache\Adobe Reader 6\Data1.cab=>acroaum.exe Move failed

AndreiASM

The virus is located in a cabinet files. The virus spreads via e-mail and also infects PE Win32 exe's and RAR archives. The virus is contained inside the archive. Since you don't use Adobe 6 anymore, I think that you can safely delete the entire cabinet file where the virus is contained.

Andrei

Ginawild

The virus is located in a cabinet files. The virus spreads via e-mail and also infects PE Win32 exe's and RAR archives. The virus is contained inside the archive. Since you don't use Adobe 6 anymore, I think that you can safely delete the entire cabinet file where the virus is contained.

Andrei

oh, good grief ... how do I delete and entire cabinet file? I don't even know what it is.

strange thing ... I've run Bit Defender for months and months and now two viruses caught in the past 10 days. wonder if my system isn't running correctly. seems when I check the log many of the updates fail ... then later they are successful. is that normal? wouldn't seem like it is to me.

Gina

alexcrist

oh, good grief ... how do I delete and entire cabinet file? I don't even know what it is.

strange thing ... I've run Bit Defender for months and months and now two viruses caught in the past 10 days. wonder if my system isn't running correctly.

Hi Gina,

A Cabinet File (CAB) is the Microsoft Windows native compressed archive format. It's just like any other archive type, but it's made by Microsoft

To clean you virus, just go to C:\WINDOWS\Cache\Adobe Reader 6\ and delete the file Data1.cab.

You could also delete the hole Adobe Reader 6 folder, if you say you upgraded to a newer version.

If, somehow, you can't delete the file, disable BD Realtime Protection and try again (BD might be blocking the virus).

Also (I'm not sure about this), this could be a false positive. So, before deleting the file, put it in a zip file (protected by the password infected) and attach it to your next post. If it is a false positive, then BD Virus Researchers will remove the detection.

seems when I check the log many of the updates fail ... then later they are successful. is that normal? wouldn't seem like it is to me.

Are you talking about BD updates?

If yes, then there's no problem if the updates are, eventually, made. Sometimes the packets (update files) become corrupted while download and the update fails. This could be caused by many things (maybe an instable connection?), but if you try again and the update works, then you have nothing to worry about.

Cris.

Ginawild

Hi Gina,

A Cabinet File (CAB) is the Microsoft Windows native compressed archive format. It's just like any other archive type, but it's made by Microsoft

To clean you virus, just go to C:\WINDOWS\Cache\Adobe Reader 6\ and delete the file Data1.cab.

You could also delete the hole Adobe Reader 6 folder, if you say you upgraded to a newer version.

If, somehow, you can't delete the file, disable BD Realtime Protection and try again (BD might be blocking the virus).

Also (I'm not sure about this), this could be a false positive. So, before deleting the file, put it in a zip file (protected by the password infected) and attach it to your next post. If it is a false positive, then BD Virus Researchers will remove the detection.

Are you talking about BD updates?

If yes, then there's no problem if the updates are, eventually, made. Sometimes the packets (update files) become corrupted while download and the update fails. This could be caused by many things (maybe an instable connection?), but if you try again and the update works, then you have nothing to worry about.

Cris.

in reply to your last question ... the answer is YES ... these are BD updates. So, it appears based on what you say, I am OK there.

I was just reading online what a CAB file is and this I understand it (well ... kinda :-) Anyway ... I upgraded to Adobe Reader 7.0 a long time ago, so I suppose I could probably just delete that whole folder and it will be gone forever. I'll try doing the zip thing and turn it in to BD, but based on some of the googling I've done this virus has been seen before numerous times by other people running other viruse software, so I assume it's real. I did check the Bit Defender Website and I don't think its a false positive, but I could send it anyway.

OK ... I'm now a woman on a mission ... wish me luck :-) I've given some thought to a new computer (not because this one is too old or slow, but just wondering if it's time. I'm already an idiot when it comes to XP (well, mostly) ... Vista really scares me ... I'd be starting all over. I'm tempted to stick with XP because at least I know a few things. Guess I can get one with XP, but I suppose software will begin to head in the Vista direction and I'll be behind the eight-ball. But, people like me who use a computer regularly, but aren't technical are hesitant to try something new when the old is working. But, that's another subject!!!

do wish me luck. it doesn't sound all that complicated. you guys are lifesavers!!! Thank you!!!

gina

alexcrist

You're very welcome, Gina.

If you have any other BitDefender/IT Security questions, please don't hesitate to post here

Cris.

Niels

Hello Gina

You can perform this scan to know if your computer is at risk: http://secunia.com/software_inspector/ This is a trustful tool that will scan to out of date programs that have security risks and offer you what you can do to solve it. Some viruses uses security holes in out of date software to infect your pc.

Regards

Niels

AndreiASM

Glad that we could help you!

Andrei