"AcroRd32.exe" Process on Windows 7

Q

What is the "AcroRd32.exe" process on windows 7? Is the "AcroRd32.exe" process a virus? Can I terminate the "AcroRd32.exe" process?

✍: FYIcenter.com

A

"AcroRd32.exe" process represents "Adobe Acrobat Reader DC " program.

"AcroRd32.exe" process is normally running under the parent process "Boot" as shown in the process tree below: 

Boot
   AcroRd32

On the Processes tab of "Task Manager", "AcroRd32.exe" process may be listed as: 

Image Name                 Memory   Description
--------------------   ----------   -----------
AcroRd32.exe              6,380 K   Adobe Acrobat Reader DC

Additional information about "AcroRd32.exe" process: 

Command line:
   "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" 
   "C:\Users\fyicenter\AppData\Local\Microsoft\Windows\Temporary Internet Files
   \Content.Outlook\K0J39AZK\....pdf"

Programe file information:
   Name: AcroRd32.exe
   Location: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
   Description: Adobe Acrobat Reader DC 
   Version: 15.23.20056.213124
   Size: 2187344 bytes
   Last modified: 1/17/2017 6:07:44 PM
   Company Name: Adobe Systems Incorporated
   
Some data files used:
C:\Windows
C:\Users\fyicenter\AppData\Local\Temp\acrord32_sbx
C:\Windows\SysWOW64
C:\Windows\SysWOW64\en-US\KernelBase.dll.mui
C:\Users\fyicenter\AppData\Roaming\Microsoft\SystemCertificates\My
C:\Users\fyicenter\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
C:\Windows\SysWOW64\en-US\wshtcpip.dll.mui
C:\Windows\SysWOW64\en-US\wship6.dll.mui

Some registry keys used:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
HKLM\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions
HKLM\SYSTEM\ControlSet001\Control\SESSION MANAGER
HKLM\SYSTEM\ControlSet001\Control\Nls\CustomLocale
HKLM\SYSTEM\ControlSet001\Control\NetworkProvider\HwOrder
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer

Some DLL libraries used:
C:\windows\SYSTEM32\ntdll.dll
C:\windows\SYSTEM32\wow64.dll
C:\windows\SYSTEM32\wow64win.dll
C:\windows\SYSTEM32\wow64cpu.dll
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
C:\windows\SysWOW64\ntdll.dll
C:\windows\syswow64\kernel32.dll
C:\windows\syswow64\KERNELBASE.dll
C:\windows\syswow64\USER32.dll
C:\windows\syswow64\GDI32.dll

"AcroRd32.exe" process is not a virus. But you should terminate "AcroRd32.exe" process. It keeps running in the background even you have closed the its UI interface.

 

Application Program Processes on Windows 7

⇒⇒Windows 7 Processes Tutorials

2017-03-04, 221👍, 0💬

Administration Adware Spyware Apache Bluetooth DOS Commands General Internet Connection Internet Explorer Media Center Media Player Mozilla Firefox MS Access Performance PHP Programming Security Silverlight Tips Tools Tutorials Windows 10 Windows 7 Windows 8 Windows Phone Windows Server 2012 Windows Vista Windows XP