Our Threat Intel detected one of the Reader plugins as Malware.
Folder Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers
File Name: MSRMSPIBroker.exe
Can you advise if this is a legitimate file?
By what AV program?
Have you done a Google search on that file name?
Copy link to clipboard
No, of course we can't tell you if it is a legititmate file, because malware often replaces valid files, so the malware name is the same. However the process with such reports is the same:
* Check the origin of the file (Azure plug-ins: https://helpx.adobe.com/uk/acrobat/kb/mip-plugin-download.html)
* Reinstall in a safe environment
* Check and compare
* If the same, report as a false hit.
Managing false hits is an annoying but necessary task.
I am saying this is a plug-in to allow Azure access to Acrobat Reader. It is an extra install, not included with the standard Acrobat Reader. If you did not install this, be suspicious.