everytime i go to firewall/d+ logs and click the “More” tab i get this alert. in my d+ i get this. why is the log viewer .exe executing an updater?
vvvvvvvvvvvvvvvvvvvvvvvvv
[attachment deleted by admin]
To my knowledge, it doesn’t, and shouldn’t. Otherwise, CFP would have to have some Adobe elements installed when CFP is installed. So the D+ alert makes no sense.
Have you checked the Adobe path, that the updater app exists, and is a proper Adobe app? To my knowledge, Adobe does sign their apps, and if it is real, it should be recognized as such, by both Windows (in the file properties) and by CFP.
the file path/location is legit.
i have the adobe updater as a blocked app in my net. security policy. when i first opened adobe reader i got a whole bunch of outgoing intrusion attempts b/c i hadn’t configged adobe reader yet and the updater started with the reader. this has been occurring ever since. ???
Adobe Reader? I’ve got Reader v8 installed on this box. The updater app is AdobeUpdateCheck.exe, with the Adobe 3-point triangle thing as an icon.
Adobe_Updater.exe with a gear-tooth icon doesn’t match the naming or image. And a quick google check is showing the file name to be anything but friendly. Definitely not Adobe.
I would suggest uploading the file to virustotal.com and to threatexpert.com to see what they say.
adobe reader 9 was out a while ago.
my adobe_updater.exe is signed by adobe (it has a gear toothed icon)
I’ve checked one of the other machines here, that has Acrobat 9 installed. Yes, there is the Adobe_Updater.exe, with the gear-tooth icon. Same size file and matching path. Verisign certificate, signature dated 16 April 2008.
Okay, now I believe it’s a real and proper file. ;D
Now, as to why log viewer would be trying to execute an adobe updater? I have no idea. Are you executing the CFP log viewer directly, or from within CFP?
within pc.
ok. it has nothing to do with adobe. i changed the loaction of the “updater6” folder in coomon files and when i went to the log viewer not it wanted to execute SUPERANTISPYWARE.exe (which i was running a scan with at the time). ??? ???
This makes no sense to me, assuming a normally functioning application. So then, the assumption is probably questionable.
Try running the log viewer in the Firewall/Repair folder, and see if anything different happens. Including anything different in the CFP Defense+ logging or settings.