Welcome Dialog

Welcome to the Community!

We have a brand new look! Take a tour with us and explore the latest updates on Adobe Support Community.


Unknown App - Escalted Privilege File Operation Daemon

Community Beginner ,
Oct 15, 2021 Oct 15, 2021

Copy link to clipboard

Copied

Hello, 

Today I was restarting my computer running Windows 10 Pro Version 10.0.19042 Build 19042 when an app named Escalated Privilege File Operation Daemon prevented me from doing so. 

 

I did a bit of reading and found some information that put me on very high alert. 

"Privilege escalation happens when a malicious user exploits a bug, design flaw, or configuration error in an application or operating system to gain elevated access to resources that should normally be unavailable to them. The attacker can use the newly obtained privileges to steal confidential data, run administrative commands or deploy malware – and potentially do serious damage to your operating system, server applications, organization, and reputation." (Source: https://www.netsparker.com/blog/web-security/privilege-escalation/)

 

Also found this information on the Microsoft forum where Adobe software is mentioned as the cause of this app which is why I am writing on here.

 

"Bing search brings up a couple of websites which say that this relates to Adobe Extension Manager CS6. These, plus a few sites offering the .exe file as a download, are the only places I can find this app/process mentioned explicitly, and I have no idea about the reliability of the info.

However, the icon seen here is still used by Adobe Extension Manager CC, and I use Creative Cloud, so this would make sense, but the lack of info about this process is slightly unsettling nonetheless." (Source: March 7, 2021 Microsoft Forum user SamanthaDubuest) (https://answers.microsoft.com/en-us/windows/forum/all/escalated-privileges-file-operation-daemon-app...

Is this an extension of Adobe software or is this a threat I should seriously take a look into? 

 

Thank you, 

Gian Manuel 

TOPICS
Creative Cloud, Installation

Views

823

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
Oct 15, 2021 Oct 15, 2021

Copy link to clipboard

Copied

Seems FAR too early to upgrade to Windows 11. Adobe say this: https://helpx.adobe.com/download-install/kb/windows-11.html

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Oct 15, 2021 Oct 15, 2021

Copy link to clipboard

Copied

I agree. Perdon but how is that related to my question above?

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
Oct 15, 2021 Oct 15, 2021

Copy link to clipboard

Copied

My apologies! I seem to have mixed up two messages. (Or the forum did, but it was probably me!)

 

You are right to be careful.

 

A little thought on privilege escalation. The page you linked to is about security concerns so it only looks at it from one point of view. Perhaps think of it this way... Privileges are related to what an app can do. Normally the privileges are kept low, so a Bad App can do less damage. But sometimes more privileges are needed, for example to install software. So it's normal for privileges to be escalated (increased) at times where it is needed. The aim of all malware creators is to be able to escalate privileges for their own evil purposes. So it's like a skeleton key - bad in the hands of a burglar, good in the hands of a locksmith.

 

My instinct would be to find the actual EXE and check its digital signature. You can't do anything based on what something is called, since the bad guys use names suggesting they are good guys. (Indeed, calling it "Escalated Privilege File Operation Daemon" would be an odd thing for a Bad App to do. It wants to be unnoticed, so it's more likely to call itself "Harmless Innocent app" or "Icon helper tool" or some such - but do check the signature, it's the only way.)

 

 

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Oct 15, 2021 Oct 15, 2021

Copy link to clipboard

Copied

LATEST

Thank you for taking the time to respond. Seems reasonable that a bad app would not be named as such. I tried finding that EXE but it is nowhere to be found. I'll keep an eye out and try to spot it and check. I'll update this thread if anything. 

 

Thank you again! 

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines