• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

Unknown App - Escalted Privilege File Operation Daemon

Community Beginner ,
Oct 15, 2021 Oct 15, 2021

Copy link to clipboard

Copied

Hello, 

Today I was restarting my computer running Windows 10 Pro Version 10.0.19042 Build 19042 when an app named Escalated Privilege File Operation Daemon prevented me from doing so. 

 

I did a bit of reading and found some information that put me on very high alert. 

"Privilege escalation happens when a malicious user exploits a bug, design flaw, or configuration error in an application or operating system to gain elevated access to resources that should normally be unavailable to them. The attacker can use the newly obtained privileges to steal confidential data, run administrative commands or deploy malware – and potentially do serious damage to your operating system, server applications, organization, and reputation." (Source: https://www.netsparker.com/blog/web-security/privilege-escalation/)

 

Also found this information on the Microsoft forum where Adobe software is mentioned as the cause of this app which is why I am writing on here.

 

"Bing search brings up a couple of websites which say that this relates to Adobe Extension Manager CS6. These, plus a few sites offering the .exe file as a download, are the only places I can find this app/process mentioned explicitly, and I have no idea about the reliability of the info.

However, the icon seen here is still used by Adobe Extension Manager CC, and I use Creative Cloud, so this would make sense, but the lack of info about this process is slightly unsettling nonetheless." (Source: March 7, 2021 Microsoft Forum user SamanthaDubuest) (https://answers.microsoft.com/en-us/windows/forum/all/escalated-privileges-file-operation-daemon-app...

Is this an extension of Adobe software or is this a threat I should seriously take a look into? 

 

Thank you, 

Gian Manuel 

TOPICS
Creative Cloud , Installation

Views

6.5K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
Oct 15, 2021 Oct 15, 2021

Copy link to clipboard

Copied

Seems FAR too early to upgrade to Windows 11. Adobe say this: https://helpx.adobe.com/download-install/kb/windows-11.html

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Oct 15, 2021 Oct 15, 2021

Copy link to clipboard

Copied

I agree. Perdon but how is that related to my question above?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
Oct 15, 2021 Oct 15, 2021

Copy link to clipboard

Copied

My apologies! I seem to have mixed up two messages. (Or the forum did, but it was probably me!)

 

You are right to be careful.

 

A little thought on privilege escalation. The page you linked to is about security concerns so it only looks at it from one point of view. Perhaps think of it this way... Privileges are related to what an app can do. Normally the privileges are kept low, so a Bad App can do less damage. But sometimes more privileges are needed, for example to install software. So it's normal for privileges to be escalated (increased) at times where it is needed. The aim of all malware creators is to be able to escalate privileges for their own evil purposes. So it's like a skeleton key - bad in the hands of a burglar, good in the hands of a locksmith.

 

My instinct would be to find the actual EXE and check its digital signature. You can't do anything based on what something is called, since the bad guys use names suggesting they are good guys. (Indeed, calling it "Escalated Privilege File Operation Daemon" would be an odd thing for a Bad App to do. It wants to be unnoticed, so it's more likely to call itself "Harmless Innocent app" or "Icon helper tool" or some such - but do check the signature, it's the only way.)

 

 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Oct 15, 2021 Oct 15, 2021

Copy link to clipboard

Copied

Thank you for taking the time to respond. Seems reasonable that a bad app would not be named as such. I tried finding that EXE but it is nowhere to be found. I'll keep an eye out and try to spot it and check. I'll update this thread if anything. 

 

Thank you again! 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Mar 19, 2022 Mar 19, 2022

Copy link to clipboard

Copied

Hello! Did anything ever happen to your computer or information after this?

The same thing just happened to me and I saw this thread. Not sure if I should reset my computer or if I should be worried lol.

Thanks!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Mar 21, 2022 Mar 21, 2022

Copy link to clipboard

Copied

Hey there!

 

Monitored my running processes for the next few days and it never showed up again. I don't think my information has been compromised either. But I am not an expert in any of this, so I can't confirm it's gone or harmless. 

 

If you find something, kindly share. I haven't reformat my computer because it entails so much work and it really gets in the way of my schedule. 

Good luck!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Mar 24, 2022 Mar 24, 2022

Copy link to clipboard

Copied

LATEST
Ok thank you for the response!

I personally reset my computer just to be safe but i'll let you know if
anything goes haywire 🙂

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines