cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
0
Upvote

Adware.IstartSurf threat in Adobe Reader program files

willie_e
Explorer ,
Nov 03, 2018 Nov 03, 2018

Malwarebytes hit on this on two of four machines this morning. See attached. It quarantined and wanted to reboot to delete. Norton did not find an issue.

MalwareBytes Adobe Quarantine - Copy.JPG

After rebooting and opening Adobe a configuration notice popped up 'Preparing to install.." then a progress bar while 'Windows configures Adobe..." & Adobe opened. See attached.

Adobe post MalwareBytes - Copy.JPG

The files originally quarantined by Malwarebytes were back in the Adobe folder. I don't find anything in the forums about this. Any comments or experiences? For now all seems well but it is an anomaly I am not comfortable with.

609
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 2 Replies 2
latest latest Jump to latest reply
gkaiseril
LEGEND ,
Nov 03, 2018 Nov 03, 2018

It is possible the downloaded install program has been corrupted. I would remove Acrobat Reader and then download from Adobe.com a new copy of Adobe Reader and install it.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
willie_e
Explorer ,
Nov 03, 2018 Nov 03, 2018
LATEST
In Response To gkaiseril

As I indicated Windows detected an issue and re-installed some part(s) of the application. I suspect it detected the missing files that had been quarantined and removed. That they were corrupted may be correct, but since i do not know what caused this to happen(I have another Win10, all pro and a win 7 pro machine) that are configured similarly without these issues, I do not think it appropriate to use the shotgun method.

This issue is defined as a rootkit as well and I want to know if there is anything resident on the machines that cause it to repeat. Since Malwarebytes has demonstrated an ability to detect the problem, and I already have it set to do interim scans hourly, I am as confident as I can be for now in using it as is.

My purpose in posting is to solicit similar experiences and be a resource in case someone else is looking at the same problem, and hopefully Adobe staff monitor the forums and can make note of it as well. Thanx....

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
About Acrobat Reader
About Acrobat Reader
Open in a new window
Reader Help
Acrobat Reader Help
Open in a new window
FAQs
Download Offline installer
Open in a new window
Extract .msi installer
Open in a new window
About Reader Customization
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices