• Welcome to the Lightroom Queen Forums! We're a friendly bunch, so please feel free to register and join in the conversation. If you're not familiar with forums, you'll find step by step instructions on how to post your first thread under Help at the bottom of the page. You're also welcome to download our free Lightroom Quick Start eBooks and explore our other FAQ resources.
  • Stop struggling with Lightroom! There's no need to spend hours hunting for the answers to your Lightroom Classic questions. All the information you need is in Adobe Lightroom Classic - The Missing FAQ!

    To help you get started, there's a series of easy tutorials to guide you through a simple workflow. As you grow in confidence, the book switches to a conversational FAQ format, so you can quickly find answers to advanced questions. And better still, the eBooks are updated for every release, so it's always up to date.
  • Dark mode now has a single preference for the whole site! It's a simple toggle switch in the bottom right-hand corner of any page. As it uses a cookie to store your preference, you may need to dismiss the cookie banner before you can see it. Any problems, please let us know!

Malware from Adobe?

Status
Not open for further replies.

JPS2

New Member
Joined
Sep 5, 2015
Messages
23
Location
Denmark
Lightroom Experience
Intermediate
Lightroom Version
Upon updating Creative Cloud my McAfee said that CoreSyncCustomHook.exe is malware?
Is that true?
Peter
Denmark
 
I don't think so. On my computer this file exists on two locations:
C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\Customhook
C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\Customhook

My computer is protected by Bitdefender and it has no problems with the CoreSyncCustomHook.exe
 
CoreSyncCustomHook.exe is a third party (Adobe?) DLL that is part of the Microsoft application compiler. Any application can include the file. If your copy is digitally signed by Adobe and has a valid signature, then most likely it was not infected by malware. Nefarious websites could introduce malware infected copies of CoreSyncCustomHook.exe but I think this unlikely if it is digitally signed by Adobe and has a valid signature.
Check out this link: What is this exe file? Is this file safe? Check here I think you might be able to D/L a trial of this Emsisoft Anti-Malware app to test your system
 
Thanks for your reply.
When disabling McAfee i updated CC, but McAfee soon found out and the two files are quarantined.
Are these files really necessary?
Peter
 
I don't think so. On my computer this file exists on two locations:
C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\Customhook
C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\Customhook

My computer is protected by Bitdefender and it has no problems with the CoreSyncCustomHook.exe

I have 2 computers, one protected by Norton Internet Security and Malwarebytes Pro, and the other by Malwarebytes Pro and MS Windows Defender.
Neither has had a problem.
 
Well, maybe McAfee has a problem.
I use Malwarebytes Pro and Defender and they see no problem after a scan (before McAfee removed the files).
I am not really using CC for images, so lets see what happen over time.
Lightroom and Photoshop works fine.
Peter
 
Adobe registers its files with various anti-virus software manufacturers. If your anti-virus is out of date, this can happen as the registration hasn't caught up to current yet.
 
Personally, I gave up on McAfee a number of years ago when someone or something blew through it one night after I had left Skype on (by mistake).
They had control of my system and wanted to sell me a fix. Nothing I had or could find would get rid of it.
I had to scrub the system, reformat, and reload everything.
 
Today I got the following message from McAfee: CoreSyncCustomHook.exe infected by Artemis!A104317B615B (Trojan Horse). I could not install the update for Adobe Creative Cloud. Adobe-Errorcode 183
McAfee VirusScan Enterprise 8.8 Patch 10 V 5900.7806 DAT-version 8771.0000 11.01.2018
I do not know if the file has a virus, or the virus scanner reports false alarm.
 
That still does not meant that McAfee has implemented the Adobe reference in their latest update.
And to Cletus' point, ever since Intel acquired McAfee in 2011 (and then sold it off in 2016,) McAfee is not the top-tier security products vendor they used to be.

Phil Burton
 
Status
Not open for further replies.
Back
Top