Jump to content

Adobe ace.dll Backdoor.Remcos


Recommended Posts

Reaching out to see if others are having a similar issue. We just started getting heavy E-mail notifications on an apparent backdoor Trojan on ace.dll for Adobe Acrobat. (C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\ACE.dll) 

My first reaction is that this is a false positive due to how many machines we're getting notified are infected. Anyone else getting these notifications? 

Link to post
Share on other sites
  • Replies 71
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

1 minute ago, Riggsbit said:

The file being picked up is a core.dll from Acrobat Reader which is required to open PDFs within their 'Protected Mode' sandbox (confined execution environment). 

Would it be wise to take the file out of quarantine and try to use adobe or reinstall?  

Link to post
Share on other sites
7 minutes ago, azvortex said:

Would it be wise to take the file out of quarantine and try to use adobe or reinstall?  

You can restore the file from quarantine, but MBAM will keep quarantining it at runtime until MBAM updates their AV definitions. Alternatively, if you still want to run Adobe Reader in the meantime you can add an exclusion rule (Exclusion Wizard) within MBAM under Settings. 

Link to post
Share on other sites
1 minute ago, Riggsbit said:

You can restore the file from quarantine, but MBAM will keep quarantining it at runtime until MBAM updates their AV definitions. Alternatively, if you still want to run Adobe Reader in the meantime you can add an exclusion rule (Exclusion Wizard) within MBAM under Settings. 

Thank you for the tip!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.


Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.