Hello,
Today I was restarting my computer running Windows 10 Pro Version 10.0.19042 Build 19042 when an app named Escalated Privilege File Operation Daemon prevented me from doing so.
I did a bit of reading and found some information that put me on very high alert.
"Privilege escalation happens when a malicious user exploits a bug, design flaw, or configuration error in an application or operating system to gain elevated access to resources that should normally be unavailable to them. The attacker can use the newly obtained privileges to steal confidential data, run administrative commands or deploy malware – and potentially do serious damage to your operating system, server applications, organization, and reputation." (Source: https://www.netsparker.com/blog/web-security/privilege-escalation/)
Also found this information on the Microsoft forum where Adobe software is mentioned as the cause of this app which is why I am writing on here.
"Bing search brings up a couple of websites which say that this relates to Adobe Extension Manager CS6. These, plus a few sites offering the .exe file as a download, are the only places I can find this app/process mentioned explicitly, and I have no idea about the reliability of the info.
However, the icon seen here is still used by Adobe Extension Manager CC, and I use Creative Cloud, so this would make sense, but the lack of info about this process is slightly unsettling nonetheless." (Source: March 7, 2021 Microsoft Forum user SamanthaDubuest) (https://answers.microsoft.com/en-us/windows/forum/all/escalated-privileges-file-operation-daemon-app...)
Is this an extension of Adobe software or is this a threat I should seriously take a look into?
Thank you,
Gian Manuel
Seems FAR too early to upgrade to Windows 11. Adobe say this: https://helpx.adobe.com/download-install/kb/windows-11.html
I agree. Pardon, but how is that related to my question above?
My apologies! I seem to have mixed up two messages. (Or the forum did, but it was probably me!)
You are right to be careful.
A little thought on privilege escalation. The page you linked to is about security concerns so it only looks at it from one point of view. Perhaps think of it this way... Privileges are related to what an app can do. Normally the privileges are kept low, so a Bad App can do less damage. But sometimes more privileges are needed, for example to install software. So it's normal for privileges to be escalated (increased) at times where it is needed. The aim of all malware creators is to be able to escalate privileges for their own evil purposes. So it's like a skeleton key - bad in the hands of a burglar, good in the hands of a locksmith.
My instinct would be to find the actual EXE and check its digital signature. You can't do anything based on what something is called, since the bad guys use names suggesting they are good guys. (Indeed, calling it "Escalated Privilege File Operation Daemon" would be an odd thing for a Bad App to do. It wants to be unnoticed, so it's more likely to call itself "Harmless Innocent app" or "Icon helper tool" or some such - but do check the signature, it's the only way.)
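The signature check suggested in the reply above can be done from PowerShell. This is an added example, not part of the original post and not Adobe's own tooling; the search pattern is built from the display name reported in this thread, and the script assumes the process is running when it is executed.

```powershell
# Added example. The display name is the one reported in this thread;
# the wildcard covers the "Privilege"/"Privileges" spelling variants.
$namePattern = '*Escalated Privilege*File Operation Daemon*'

# Run from an elevated PowerShell prompt; otherwise Path and Description
# come back empty for processes owned by other users or by SYSTEM.
# The shutdown dialog shows a window title or file description, not the
# EXE file name, so match on those fields rather than on ProcessName.
$found = Get-Process | Where-Object {
    $_.MainWindowTitle -like $namePattern -or
    $_.Description     -like $namePattern -or
    $_.Product         -like $namePattern
}

if (-not $found) {
    Write-Output 'No running process currently matches the display name.'
}

foreach ($proc in $found) {
    if (-not $proc.Path) {
        Write-Warning "PID $($proc.Id) ($($proc.ProcessName)): path not readable, rerun elevated."
        continue
    }

    # Authenticode check: Status is Valid only if the file is signed, the
    # hash matches the signature, and the chain ends in a trusted root.
    $sig = Get-AuthenticodeSignature -FilePath $proc.Path

    [pscustomobject]@{
        ProcessId = $proc.Id
        Path      = $proc.Path
        Status    = $sig.Status                     # Valid, NotSigned, HashMismatch, NotTrusted, ...
        Signer    = $sig.SignerCertificate.Subject  # empty when the file is unsigned
        Issuer    = $sig.SignerCertificate.Issuer
        SHA256    = (Get-FileHash -Path $proc.Path -Algorithm SHA256).Hash
    }
}
```

A `Valid` status together with a signer subject naming the publisher you expect is the result to look for; `NotSigned`, `HashMismatch` or an unfamiliar signer means the file needs a closer look, whatever its display name says.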
Thank you for taking the time to respond. Seems reasonable that a bad app would not be named as such. I tried finding that EXE but it is nowhere to be found. I'll keep an eye out and try to spot it and check. I'll update this thread if anything.
Thank you again!
Hello! Did anything ever happen to your computer or information after this?
The same thing just happened to me and I saw this thread. Not sure if I should reset my computer or if I should be worried lol.
Thanks!
Hey there!
Monitored my running processes for the next few days and it never showed up again. I don't think my information has been compromised either. But I am not an expert in any of this, so I can't confirm it's gone or harmless.
If you find something, kindly share. I haven't reformatted my computer because it entails so much work and it really gets in the way of my schedule.
Good luck!