Copy link to clipboard
Copied
Hello,
We are March 20, 2023, around 4:00 PM ETC
So I downloaded and tried to install Adobe Reader. I made sure it was from the official website, as I already have a story with a third-party one. So it was no doubt from get.adobe.com. Halfway through installation, Windows Defender blocked it because it found the Wacatac B, a serious threat, attached to the .exe file. The affected file was rooted in: C:/PRogramData/Adobe/Temp/7682/installer.bin. It was deleted at that moment.
Just in case, I went back and double-checked my browsing history. And again, that was get.adobe.com.
Did that happen to anyone, how could this be?
I think the threat was blocked, but I'm running a full scan through my laptop at the moment, with Windows Defender again, and with Malware Bytes later. I will edit if further detail is found.
Copy link to clipboard
Copied
Did you update the antivirus definitions before retrying? False positives are often fixed quickly. Or you may need to report it - no good reporting it to Adobe, it's your antivirus makers who have to fix it.
Copy link to clipboard
Copied
Thanks for your answer. Yes, I had everything up to date and double-checked afterward. I don't feel confident downloading this file again and retrying, though, until I understand what happened.
And yes, I read about false positives.
I'm including the pictures that I took at the moment. Sometimes I wonder if my cursor drifted to a third-party website unknowingly. Have no idea what a blob is.
Copy link to clipboard
Copied
A "blob" is basically a file. This is fine, since you're downloading from the adobe.com domain.
It's most likely a false positive by Windows Defender.
Copy link to clipboard
Copied
Today
Copy link to clipboard
Copied
Clearly there is a problem.
Copy link to clipboard
Copied
Bye Acrobat Reader . Open Source alternatives .
Copy link to clipboard
Copied
Same detection on my computer.
Copy link to clipboard
Copied
That virus is serious. The good news is I haven't noticed any breach to my accounts so far, it has been 3 days. So Windows Defender did prevent the worst.
Copy link to clipboard
Copied
Exact same problem here.
Not installing Acrobat Reader until this issue will be explained by Adobe.
Copy link to clipboard
Copied
Copy link to clipboard
Copied
same situation, 27/03/2023, 2 AM.
I can survive without the reader from adobe. Some risks are not worth taking.
I dont really care if its a false positive or not. Both big companies, sort it out between yourselves. Until that, lost clients.
Copy link to clipboard
Copied
Hi @maryamira @Fernando29084139zh8h @Carlo290789449nky @Miguel29033044y8k3 @Sergio29030100bdrq
Hope you are doing well, and thanks for reporting this issue. I will get it checked internally with our team.
Please remove the application using the Acrobat cleaner tool https://www.adobe.com/devnet-docs/acrobatetk/tools/Labs/cleaner.html , reboot the computer once, and reinstall the application using the direct link https://get.adobe.com/reader/enterprise/ and see if that helps.
Let us know if you experience any trouble and need more help.
Regards
Amal
Copy link to clipboard
Copied
We had the same issue. Adobe does not seem to think the problem is on their end, despite several isolated cases with the same problem. I am also using Defender for Endpoint and it was also labeled as 'Wacatac.'
Copy link to clipboard
Copied
Hi there
This issue is known to our engineering team and is being worked upon.
We will share more details as soon as we get any updates.
Regards
Amal
Copy link to clipboard
Copied
I've downloaded Acrobat and then later adobe premiere pro and both times malware followed. The worst was when I got premier pro and got a Trojan malware
Copy link to clipboard
Copied
It is November 2, 2024, and my antivirus is sending the next messages:
I tried to contact an online agent, but despite Adobe offers 24/7 support, no one was available to assist.
Copy link to clipboard
Copied
The name Acrobat_Set-Up.exe already is suspicious. Where are you downloading from. Looks not official to me.
Copy link to clipboard
Copied
1) I wento to the official website of Adobe Acrobat in Spanish
2) Then I clicked on the button "Get the Apps" to download Adobe Acrobat Pro
And I get the message from my antivirus I previously mentioned.
Copy link to clipboard
Copied
Ahh, ok. You're not really downloading Acrobat but a helper app that will download and install Acrobat. This app is just about 3 MB in size and does want to download more things form the internet, since normal installation package for Acrobat is about 1 GB. So it's propably a false positive from your Antivirus.
You can download it directly here: https://helpx.adobe.com/es/acrobat/kb/acrobat-dc-downloads.html
Copy link to clipboard
Copied
Thank you, but due to the shady situation, I cancelled my subscription permanently.
You can call it false positive, but for me it simply is terrible service.
Copy link to clipboard
Copied
I also had the same thing happen to me not too long ago. It was downloaded directly from the Adobe webpage. I took a look at Bitdefender, and this is the message that shows in my notification.
C:\Users\MYPCNAME\Downloads\Acrobat_Set-Up.exe tried to load a malicious resource detected as Gen: Trojan.Heur.TP.kp2@byxzjxai and was blocked. Your device is safe.
I don't feel comfortable downloading the app anymore because Adobe sees that it is necessary to attach other unwanted features and apps, such as McAfee and their Creative Pro App, to the download without being able to refuse. I will be canceling my subscription.
We should be able to download the stand-alone Adobe Reader app AND receive ALL the necessary updates, INCLUDING security updates, without also having to download an app that is not needed.
Copy link to clipboard
Copied
I decided to cancel my susbscription too.
Copy link to clipboard
Copied
Same for me (Gen:Trojan.Heur.TP.kp2@b8na4Udi). Why does Adobe do not care?
Copy link to clipboard
Copied
Same issue here, BitDefender blocks it with the message below. Adobe, any ideas when this will be resolved as I am going to have to buy an alternative if not resolved very soon. \Downloads\Acrobat_Set-Up.exe tried to load a malicious resource detected as Gen:Trojan.Heur.TP.kp2@bGbaVthi and was blocked. Your device is safe.