13 Replies Latest reply: May 5, 2014 10:15 PM by MichaelKazlow RSS

    MySearchDial Virus/Hijack from Reader Update

    AustinShope Community Member

      Yesterday, while attempting to access a site including a PDF, I was prompted by Chrome to update my Reader version to the most recent version. I was taken to the typical Adobe Reader site, where I selected to download the update, but not the McAfee scanner. However, not only did I get the reader update, I now  have a very prominent and hard to get rid of virus/browser hijacker called MySearchDial. I have tried multiple times to get rid of this, including editing the registry, and running 3 seperate Antivirus and AntiMalware programs (Avast!, Malwarebytes, and Adware Removal Tool), all to no avail. i can 100% confirm that the virus/hijack got onto my computer at the same time as this Reader update as the issue did not crop up until after reader had been updated and my browser was restarted. I am unsure of what to do or where to go from here, but want to warn all users of this poisonous update.

        • 1. Re: MySearchDial Virus/Hijack from Reader Update
          pwillener CommunityMVP

          Something is very strange: Chrome does not use the Adobe Reader plugin, so why would it prompt you to download an update?

           

          Where exactly did it take you?  Can you post the URL from where you downloaded the update?  Also, can you post the name of that update file?

           

          Adobe Reader is downloaded by millions of users; yet you are the only one who is reporting an infection from a Reader update.

           

          P.S. this is where the latest Adobe Reader update should come from

          Windows: http://www.adobe.com/support/downloads/detail.jsp?ftpID=5715

          Mac OS: http://www.adobe.com/support/downloads/detail.jsp?ftpID=5717

          • 2. Re: MySearchDial Virus/Hijack from Reader Update
            COHikerGirl Community Member

            He is not alone.  Hardly.   You need to do a general online browser search for the terms "Adobe Reader" paired with "MySearchDial," and you'll find this is a current and widely-reproducible problem. Your mistake is, perhaps, in thinking that people trust Adobe far enough any longer to come here FIRST for solutions to the problems the Adobe app installations are causing.

             

            I just ran into the same problem this morning, when I performed an Adobe Reader update spurred by the Adobe Application Manager.  I am a retired software engineer, and trust me I was exceedingly careful to select the 'No' button in response to every damned prompt to load associated crapware as I attempted to load the latest Adobe Reader.

             

            I've just completed spending all frickin' day clearing my system, through a combination of registry edits, uninstall using the Microsoft-recommended "System Repair Engineer" application (since the Control Panel->Programs and Features dialog was unable to uninstall it), and browser re-sets.

            • 3. Re: MySearchDial Virus/Hijack from Reader Update
              pwillener CommunityMVP

              Thank you for your additional comments.  It would have been most interesting if you had documented that update process, e.g. with screenshots.

               

              What confuses me is that you used the Adobe Application Manager to update Adobe Reader.  Usually Reader updates using Adobe ARM, or from the Reader application itself (Help | Check for Updates).  None of these give you any options to download bundled crapware.

              • 4. Re: MySearchDial Virus/Hijack from Reader Update
                COHikerGirl Community Member

                You're quite right, Pat.  I wish I'd paid more attention to the initial prompt to do the update, but it appeared to be the familiar reminder and appeared to take me to a legitimate Adobe URL.  Of course, now I wonder whether it was masquerading.  The only other updater service that might have introduced the reminder is the Samsung Software Updater which is also on my Samsung Ultrabook in addition to the Adobe Application Manager.  I suspect the problem might equally likely lie there, rather than with the Adobe Application Manager.  Having run into the problem this time, you can rest assured that the NEXT time I get an update notification from either of the two, I'm going to document the process closely, as I go.  Once burned ...

                • 5. Re: MySearchDial Virus/Hijack from Reader Update
                  Test Screen Name CommunityMVP

                  One piece of software known to produce prompts to update Adobe Reader that look very convincing and slip in extra software is "File Type Assistant". You can see if that is in Add/Remove programs.

                  • 6. Re: MySearchDial Virus/Hijack from Reader Update
                    Test Screen Name CommunityMVP

                    Or FreeFileViewer. See http://forums.adobe.com/message/6021099 reply 40 for a list of suspicious stuff.

                    • 7. Re: MySearchDial Virus/Hijack from Reader Update
                      COHikerGirl Community Member

                      my arms are full of kitty at the moment but will d0! thx! hope i find one of them; would  'splain it

                      • 8. Re: MySearchDial Virus/Hijack from Reader Update
                        ems11 Community Member

                        I noticed that a more recent discussion of this issue/problem (as it relates to MySearchDial) -- started in mid April was 'Locked' by Adobe on May 1st, 2014 -- I never use internet explorer but for the first time in a long time I was forced to do so today -- lo and behold 'mysearchdial' was the page IE opened to and was the page redirected on every new tab I attempted to open -- I naively thought this had to do with the recent Microsoft IE bug -- but upon reading the more recent post (which Adobe locked because they stated simply "THIS IS NOT ADOBE'S PROBLEM. END OF DISCUSSION') (see Re: Crap software like MySearchDial embedded in your update install files, stop doing that.)  and this post it is fairly obvious this IS Adobe's doing (I'm not saying intentionally but that does spare them the responsibility of dealing with this mess) -- I attempted to follow the guidance of other forums in removing the malware but it did not work -- I should point out that at least the other forums offered step-by-step instructions on  how to remove the malware -- adobe doesn't even have the regard for its customers to do the same (other than to point out that this 'may be' related to another malware file) -- and yes, I say customer because I pay for Adobe software, I'm not just griping about free adobe downloads --

                         

                        ADOBE FAIL - I will not purchase any further software from you in the future -- you have lost all respect with your utter lack of ownership of this matter and complete disregard for your customers

                        • 9. Re: MySearchDial Virus/Hijack from Reader Update
                          pwillener CommunityMVP

                          1. This is a user forum.  The topic that you mention was not closed by Adobe, but a user with moderator privileges.

                           

                          2. While Adobe software downloads may come bundled with some 3rd-party software (McAfee, Norton, Google Chrome), they are never infected with malware.  If you have proof that you downloaded malware from an adobe.com site, I'm sure Adobe would be very happy to know about it.

                          • 10. Re: MySearchDial Virus/Hijack from Reader Update
                            ems11 Community Member

                            Oh, I see so a 'user with moderator privileges' is entirely independent of Adobe -- such a user is not employed by Adobe, is not a consultant for Adobe and is not at ALL influenced by Adobe...I see.. do you have a bridge to sell me, too? -- the proof is in the all the comments and the google searches for this malware that all lead back to Adobe -- and no, I don't have direct proof now that it is already installed but I'm sure that's fine and convenient for you...you who are in no way, shape or form representing Adobe....spare me the BS

                            • 11. Re: MySearchDial Virus/Hijack from Reader Update
                              pwillener CommunityMVP

                              It is not I who needs any proof; if you can provide a link to infected Adobe software on an adobe.com website (e.g. where you downloaded it from), then I am sure that Adobe will investigate this very thoroughly.

                              • 12. Re: MySearchDial Virus/Hijack from Reader Update
                                ems11 Community Member

                                yes, once again, how convenient for YOU, yes, YOU don't need any proof, I just have to magically produce a post-install proof to Adobe, who you are "sure will investigate very thoroughly" --- I mean it almost sounds like you're reading from a company support page script and mission statement...very spot-on...bravo for the performance mr. or mrs. "I am not associated with Adobe" -- are you failed actor they hired to 'moderate' discussions?...either way I could care less what your 'response' is at this point, you provide empty statements of no value -- which is why I'm sure your an 'MVP'...once again, well done...

                                • 13. Re: MySearchDial Virus/Hijack from Reader Update
                                  MichaelKazlow CommunityMVP

                                  ems11,

                                   

                                  I am sorry you are had a problem. But Adobe Reader and Adobe Flash Player are very popular software. It is this popularity that makes its users such an inviting target. Many sites will do whatever they can to trick you into download and installing virus infected versions of Reader and Flash Player software. I get referred to download updates all of the time. To be safe, I always go back to the Adobe website directly to download the updates to avoid such problems. Neither Pat nor I are blaming you for what happened. These scammers can be very very convincing.

                                   

                                  I use http://get.adobe.com/reader/enterprise to download Adobe Reader and http://get.adobe.com/flashplayer to download the latest version of Flash Player.

                                   

                                  I will not say it is impossible for Adobe software to become virus infected. In fact, there may have been a case of that happening with shipped CDs (or perhaps floppies) a very very long time ago. It is so long ago, I cannot be sure if it was Adobe, but that is my recollection. The most vigilant of companies do get caught at times. It falls under the category of stuff happens. However, if the currently available downloads were infected these forums would be plagued with users complaining, including the moderators. Most of the very active moderators are quite security conscious and download security patches ASAP. You will also find that the moderators are quite willing to take Adobe to task for its failures. If you do not believe me, ask in the Forum Comments area what moderators think about the recent upgrade (or the change to Jive originally). You will find moderators as a group are not shy and will tell you exactly what they think.

                                   

                                  If Adobe had credible information that their installers were infected and did not check, then Adobe would be legally liable for the consequences.

                                   

                                  As Pat said, the previous thread was closed by an Adobe Moderator. While I did not close the previous thread, I will close this one as it does not appear that this discussion is providing users with anymore helpful information.