I have reason to believe I've found a virus transmitted by a widely-used application. How do I professionally...
My new laptop was inflicted with a virus in relatively quarantined conditions. I say “quarantined” because I believe the circumstances surrounding its infection warrant the projection of a very limited number of hypotheses as to where it originated from. I say “relative” because I am well aware of how unfounded and aimless examinations of infected systems tend to be.
The procession was such:
Gifted to me was a brand-new laptop (mum broke my old one; then, in a kindhearted, over-compensating stride, she gifted me a new gaming laptop and a new gaming desktop; you can imagine my resultant eagerness to lend her things more often...;).
I went through the motions of initial setup (an endeavor largely conducted by Cortana: I did not stray). Memorably, the last steps of this automated experience were a series of searches for (and subsequent installation of) updates.
Once I was in the clear, I took more liberties in its configuration: I installed around 15 applications necessitated by my intended use of the laptop:
- OneDrive
- MS Office Suite
- Chrome Web Browser
- Adobe Flash
- Discord
- Steam & Steam Library: CSGO, PUBG, Witcher 3, Rust, Don’t Starve
- Battle.net & Overwatch, Hearthstone, Destiny 2
- Epic Games & Fortnite
- League of Legends
- Realm Royal
These next few are particularly worrisome (although not as widely-used) because I installed them at the request of my college.
- Notepad++
- Wireshark
- Cisco Packet Tracer Student
So, minimalistically, as described above, I fashioned the new laptop for use, and then I powered it down. I did not touch it again until I suspected it needed a Windows 10 Cumulative Update. I figured it needed one because my desktop* did.
While it was downloading the Windows 10 Cumulative Update, I set my laptop up for “clean boot”, because I was annoyed by how many start-up applications commenced upon powering it on the instance before.
It is fortunate that I did enable a clean boot: Upon restarting, an all-too-familiar fake Adobe Flash Update prompt appeared on my screen. I knew some sort of trojan had been triggered, since the legitimate Adobe Updater is one of the applications suppressed by a “clean boot”.**
Am I wrong in being concerned that this was a trojan transmitted from downloading one of the widely-used applications I installed? Or, worse: A trojan transmitted within the Windows 10 Cumulative Update?
Are the circumstances surrounding the infection not exceptional enough to confidently trace its origin?
As a user of open source software which I suspect to be compromised, don’t I have some sort of obligation to decipher these events? If so, and upon conclusive analysis, to whom do I report my findings?
*Keep in mind I have a desktop too (which, yes, has this same virus and is equally as new—BUT the circumstances in which it contracted the virus weren’t as controlled and, thus, they do not offer as much insight).
**I had the sense to open Task Manager and locate the file with the executable before terminating the prompt:
C:\Windows\SysWOW64\Macromed\Flash
These are the folder contents:
(screenshot: Folder Contents)
This is the OS dialogue when I attempt to delete it:
(screenshot: Insufficient Delete Permissions)
In response, I change the file permissions so that I am the owner and then, finally, I delete it. It stays away until the next time there is a Windows 10 Cumulative Update. It is as if the virus is a time-bomb, conditionally set to appear upon OS update!
Tags: boot, security, virus, open-source, trojan
closed as too broad by DavidPostill♦ Nov 20 at 21:35
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
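The check a practitioner would run before deleting anything in that folder, added here as an example and not taken from the question or its comments: a read-only PowerShell triage that records the hash, timestamps and Authenticode signature of every file under the path the asker named, shows which account owns the directory (which is what produces the "insufficient permissions" dialog), and looks for Run keys or scheduled tasks that point back into it. The directory path is taken from the question; running from an elevated prompt is my assumption.

```powershell
# Added triage script, not part of the original question. Read-only: it
# deletes and modifies nothing. Assumes an elevated PowerShell prompt and
# the directory the asker reported; adjust $FlashDir if yours differs.
$FlashDir = 'C:\Windows\SysWOW64\Macromed\Flash'

# 1. Inventory every file: hash, timestamps and who signed it. A component
#    restored by Windows servicing is normally Microsoft- or Adobe-signed;
#    an unsigned or hash-mismatched binary in this folder deserves scrutiny.
$inventory = Get-ChildItem -Path $FlashDir -File -Recurse -ErrorAction Stop |
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_.FullName
        [pscustomobject]@{
            File    = $_.Name
            Size    = $_.Length
            Created = $_.CreationTime
            Written = $_.LastWriteTime
            SHA256  = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
            SigOK   = $sig.Status            # Valid / NotSigned / HashMismatch ...
            Signer  = $sig.SignerCertificate.Subject
        }
    }
$inventory | Format-Table File, Size, Written, SigOK, Signer -AutoSize

# 2. Ownership: directories maintained by Windows servicing are owned by
#    TrustedInstaller, which is why an administrator still cannot delete
#    them without first taking ownership.
Get-Acl -Path $FlashDir | Select-Object Path, Owner

# 3. Persistence: is anything configured to launch from this directory?
$runKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
foreach ($key in $runKeys) {
    if (Test-Path $key) {
        foreach ($name in (Get-Item $key).Property) {
            $cmd = (Get-ItemProperty -Path $key -Name $name).$name
            if ($cmd -like '*Macromed*') { "Run key $key\$name -> $cmd" }
        }
    }
}
Get-ScheduledTask | Where-Object {
    ($_.Actions.Execute -like '*Macromed*') -or ($_.Actions.Arguments -like '*Macromed*')
} | Select-Object TaskName, TaskPath, State

# 4. Anything not validly signed is what to hand to a scanner or vendor,
#    together with its SHA256, rather than deleting it and waiting for it
#    to reappear after the next cumulative update.
$suspect = $inventory | Where-Object { $_.SigOK -ne 'Valid' }
if ($suspect) { 'Files without a valid Authenticode signature:'; $suspect | Format-Table File, SigOK, SHA256 }
else { "All files under $FlashDir carry a valid Authenticode signature." }
```

If every file reports a valid Microsoft or Adobe signature and no Run key or task references the folder, the reappearance after updates is consistent with Windows servicing restoring a component rather than with persistence, and the fake update prompt should be traced from the process that displayed it instead.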
It is not unheard of itpro.co.uk/desktop-hardware/29396/…
– JohnnyVegas
Nov 20 at 1:58
What make and model of laptop?
– JohnnyVegas
Nov 20 at 1:58
@JohnnyVegas Dell Gen7 15 dell.com/en-us/shop/dell-laptops/dell-g7-15-gaming/spd/…
– Sarah Schnoor
Nov 20 at 2:32
asked Nov 20 at 1:19
Sarah Schnoor