I have reason to believe I've found a virus transmitted by a widely-used application. How do I professionally...











up vote
0
down vote

favorite












My new laptop was inflicted with a virus in relatively quarantined conditions. I say “quarantined” because I believe the circumstances surrounding its infection warrant the projection of a very limited number of hypotheses as to where it originated from. I say “relative” because I am well aware of how unfounded and aimless examinations of infected systems tend to be.



The procession was such:
Gifted to me was a brand-new laptop (mum broke my old one; then, in a kindhearted, over-compensating stride, she gifted me a new gaming laptop and a new gaming desktop; you can imagine my resultant eagerness to lend her things more often...;).



I went through the motions of initial setup (an endeavor largely conducted by Cortana: I did not stray). Memorably, the last steps of this automated experience were a series of searches for (and subsequent installation of) updates.



Once I was in the clear, I took more liberties in its configuration: I installed around 15 applications necessitated by my intended use of the laptop:




  • OneDrive

  • MS Office Suite

  • Chrome Web Browser

  • Adobe Flash

  • Discord

  • Steam & Steam Library: CSGO, PUBG, Witcher 3, Rust, Don’t Starve

  • Battle.net & Overwatch, Hearthstone, Destiny 2

  • Epic Games & Fortnite

  • League of Legends

  • Realm Royal


These next few are particularly worrisome (although not as widely-used) because I installed them at the request of my college.




  • NotePad++

  • WireShark

  • Cisco Packet Tracer Student


So, minimalistically, as described above, I fashioned the new laptop for use: And then I powered it down. I did not touch it again until I suspected it needed a Windows 10 Cumulative Update. I figured it needed one because my desktop* did.



While it was downloading the Windows 10 Cumulative Update, I set my laptop up for “clean boot”, because I was annoyed by how many start-up applications commenced upon powering it on the instance before.



It is fortunate that I did enabled a clean boot: Upon restarting, an all-too-familiar fake Adobe Flash Update prompt appeared on my screen. I knew some sort of trojan had been triggered, since the legitimate Adobe Updater is one of the applications suppressed by a “clean boot”.**



Am I wrong in being concerned that this was a trojan transmitted from downloading one of the widely-used applications I installed? Or, worst: A trojan transmitted within the Windows 10 Cumulative Update?



Are the circumstances surrounding the infection not exceptional enough to confidently trace its origin?



As a user of open source software which I suspect to be compromised, don’t I have some sort of obligation to decipher these events? If so, and upon conclusive analysis, to whom do I report my findings?



*Keep in mind I have a desktop too (which, yes, has this same virus and is equally as new—BUT the circumstances in which it contracted the virus weren’t as controlled and, thus, they do not offer as much insight).



**I had the sense to open Task Manager and locate the file with the executable before terminating the prompt:
C:WindowsSysWOW64MacromedFlash
These are the folder contents:
Folder Contents



This is the OS dialogue when I attempt to delete it:
Insufficient Delete Permissions



In response, I change the File permissions so that I am the owner and then, finally, I delete it. It stays away until the next time I there is a Windows 10 Cumulative Update. It is as if the virus is a time-bomb, conditionally set to appear upon OS update!










share|improve this question













closed as too broad by DavidPostill Nov 20 at 21:35


Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.















  • It is not unheard of itpro.co.uk/desktop-hardware/29396/…
    – JohnnyVegas
    Nov 20 at 1:58










  • What make and model of laptop?
    – JohnnyVegas
    Nov 20 at 1:58










  • @JohnnyVegas Dell Gen7 15 dell.com/en-us/shop/dell-laptops/dell-g7-15-gaming/spd/…
    – Sarah Schnoor
    Nov 20 at 2:32















up vote
0
down vote

favorite












My new laptop was inflicted with a virus in relatively quarantined conditions. I say “quarantined” because I believe the circumstances surrounding its infection warrant the projection of a very limited number of hypotheses as to where it originated from. I say “relative” because I am well aware of how unfounded and aimless examinations of infected systems tend to be.



The procession was such:
Gifted to me was a brand-new laptop (mum broke my old one; then, in a kindhearted, over-compensating stride, she gifted me a new gaming laptop and a new gaming desktop; you can imagine my resultant eagerness to lend her things more often...;).



I went through the motions of initial setup (an endeavor largely conducted by Cortana: I did not stray). Memorably, the last steps of this automated experience were a series of searches for (and subsequent installation of) updates.



Once I was in the clear, I took more liberties in its configuration: I installed around 15 applications necessitated by my intended use of the laptop:




  • OneDrive

  • MS Office Suite

  • Chrome Web Browser

  • Adobe Flash

  • Discord

  • Steam & Steam Library: CSGO, PUBG, Witcher 3, Rust, Don’t Starve

  • Battle.net & Overwatch, Hearthstone, Destiny 2

  • Epic Games & Fortnite

  • League of Legends

  • Realm Royal


These next few are particularly worrisome (although not as widely-used) because I installed them at the request of my college.




  • NotePad++

  • WireShark

  • Cisco Packet Tracer Student


So, minimalistically, as described above, I fashioned the new laptop for use: And then I powered it down. I did not touch it again until I suspected it needed a Windows 10 Cumulative Update. I figured it needed one because my desktop* did.



While it was downloading the Windows 10 Cumulative Update, I set my laptop up for “clean boot”, because I was annoyed by how many start-up applications commenced upon powering it on the instance before.



It is fortunate that I did enabled a clean boot: Upon restarting, an all-too-familiar fake Adobe Flash Update prompt appeared on my screen. I knew some sort of trojan had been triggered, since the legitimate Adobe Updater is one of the applications suppressed by a “clean boot”.**



Am I wrong in being concerned that this was a trojan transmitted from downloading one of the widely-used applications I installed? Or, worst: A trojan transmitted within the Windows 10 Cumulative Update?



Are the circumstances surrounding the infection not exceptional enough to confidently trace its origin?



As a user of open source software which I suspect to be compromised, don’t I have some sort of obligation to decipher these events? If so, and upon conclusive analysis, to whom do I report my findings?



*Keep in mind I have a desktop too (which, yes, has this same virus and is equally as new—BUT the circumstances in which it contracted the virus weren’t as controlled and, thus, they do not offer as much insight).



**I had the sense to open Task Manager and locate the file with the executable before terminating the prompt:
C:WindowsSysWOW64MacromedFlash
These are the folder contents:
Folder Contents



This is the OS dialogue when I attempt to delete it:
Insufficient Delete Permissions



In response, I change the File permissions so that I am the owner and then, finally, I delete it. It stays away until the next time I there is a Windows 10 Cumulative Update. It is as if the virus is a time-bomb, conditionally set to appear upon OS update!










share|improve this question













closed as too broad by DavidPostill Nov 20 at 21:35


Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.















  • It is not unheard of itpro.co.uk/desktop-hardware/29396/…
    – JohnnyVegas
    Nov 20 at 1:58










  • What make and model of laptop?
    – JohnnyVegas
    Nov 20 at 1:58










  • @JohnnyVegas Dell Gen7 15 dell.com/en-us/shop/dell-laptops/dell-g7-15-gaming/spd/…
    – Sarah Schnoor
    Nov 20 at 2:32













up vote
0
down vote

favorite









up vote
0
down vote

favorite











My new laptop was inflicted with a virus in relatively quarantined conditions. I say “quarantined” because I believe the circumstances surrounding its infection warrant the projection of a very limited number of hypotheses as to where it originated from. I say “relative” because I am well aware of how unfounded and aimless examinations of infected systems tend to be.



The procession was such:
Gifted to me was a brand-new laptop (mum broke my old one; then, in a kindhearted, over-compensating stride, she gifted me a new gaming laptop and a new gaming desktop; you can imagine my resultant eagerness to lend her things more often...;).



I went through the motions of initial setup (an endeavor largely conducted by Cortana: I did not stray). Memorably, the last steps of this automated experience were a series of searches for (and subsequent installation of) updates.



Once I was in the clear, I took more liberties in its configuration: I installed around 15 applications necessitated by my intended use of the laptop:




  • OneDrive

  • MS Office Suite

  • Chrome Web Browser

  • Adobe Flash

  • Discord

  • Steam & Steam Library: CSGO, PUBG, Witcher 3, Rust, Don’t Starve

  • Battle.net & Overwatch, Hearthstone, Destiny 2

  • Epic Games & Fortnite

  • League of Legends

  • Realm Royal


These next few are particularly worrisome (although not as widely-used) because I installed them at the request of my college.




  • NotePad++

  • WireShark

  • Cisco Packet Tracer Student


So, minimalistically, as described above, I fashioned the new laptop for use: And then I powered it down. I did not touch it again until I suspected it needed a Windows 10 Cumulative Update. I figured it needed one because my desktop* did.



While it was downloading the Windows 10 Cumulative Update, I set my laptop up for “clean boot”, because I was annoyed by how many start-up applications commenced upon powering it on the instance before.



It is fortunate that I did enabled a clean boot: Upon restarting, an all-too-familiar fake Adobe Flash Update prompt appeared on my screen. I knew some sort of trojan had been triggered, since the legitimate Adobe Updater is one of the applications suppressed by a “clean boot”.**



Am I wrong in being concerned that this was a trojan transmitted from downloading one of the widely-used applications I installed? Or, worst: A trojan transmitted within the Windows 10 Cumulative Update?



Are the circumstances surrounding the infection not exceptional enough to confidently trace its origin?



As a user of open source software which I suspect to be compromised, don’t I have some sort of obligation to decipher these events? If so, and upon conclusive analysis, to whom do I report my findings?



*Keep in mind I have a desktop too (which, yes, has this same virus and is equally as new—BUT the circumstances in which it contracted the virus weren’t as controlled and, thus, they do not offer as much insight).



**I had the sense to open Task Manager and locate the file with the executable before terminating the prompt:
C:WindowsSysWOW64MacromedFlash
These are the folder contents:
Folder Contents



This is the OS dialogue when I attempt to delete it:
Insufficient Delete Permissions



In response, I change the File permissions so that I am the owner and then, finally, I delete it. It stays away until the next time I there is a Windows 10 Cumulative Update. It is as if the virus is a time-bomb, conditionally set to appear upon OS update!










share|improve this question













My new laptop was inflicted with a virus in relatively quarantined conditions. I say “quarantined” because I believe the circumstances surrounding its infection warrant the projection of a very limited number of hypotheses as to where it originated from. I say “relative” because I am well aware of how unfounded and aimless examinations of infected systems tend to be.



The procession was such:
Gifted to me was a brand-new laptop (mum broke my old one; then, in a kindhearted, over-compensating stride, she gifted me a new gaming laptop and a new gaming desktop; you can imagine my resultant eagerness to lend her things more often...;).



I went through the motions of initial setup (an endeavor largely conducted by Cortana: I did not stray). Memorably, the last steps of this automated experience were a series of searches for (and subsequent installation of) updates.



Once I was in the clear, I took more liberties in its configuration: I installed around 15 applications necessitated by my intended use of the laptop:




  • OneDrive

  • MS Office Suite

  • Chrome Web Browser

  • Adobe Flash

  • Discord

  • Steam & Steam Library: CSGO, PUBG, Witcher 3, Rust, Don’t Starve

  • Battle.net & Overwatch, Hearthstone, Destiny 2

  • Epic Games & Fortnite

  • League of Legends

  • Realm Royal


These next few are particularly worrisome (although not as widely-used) because I installed them at the request of my college.




  • NotePad++

  • WireShark

  • Cisco Packet Tracer Student


So, minimalistically, as described above, I fashioned the new laptop for use: And then I powered it down. I did not touch it again until I suspected it needed a Windows 10 Cumulative Update. I figured it needed one because my desktop* did.



While it was downloading the Windows 10 Cumulative Update, I set my laptop up for “clean boot”, because I was annoyed by how many start-up applications commenced upon powering it on the instance before.



It is fortunate that I did enabled a clean boot: Upon restarting, an all-too-familiar fake Adobe Flash Update prompt appeared on my screen. I knew some sort of trojan had been triggered, since the legitimate Adobe Updater is one of the applications suppressed by a “clean boot”.**



Am I wrong in being concerned that this was a trojan transmitted from downloading one of the widely-used applications I installed? Or, worst: A trojan transmitted within the Windows 10 Cumulative Update?



Are the circumstances surrounding the infection not exceptional enough to confidently trace its origin?



As a user of open source software which I suspect to be compromised, don’t I have some sort of obligation to decipher these events? If so, and upon conclusive analysis, to whom do I report my findings?



*Keep in mind I have a desktop too (which, yes, has this same virus and is equally as new—BUT the circumstances in which it contracted the virus weren’t as controlled and, thus, they do not offer as much insight).



**I had the sense to open Task Manager and locate the file with the executable before terminating the prompt:
C:WindowsSysWOW64MacromedFlash
These are the folder contents:
Folder Contents



This is the OS dialogue when I attempt to delete it:
Insufficient Delete Permissions



In response, I change the File permissions so that I am the owner and then, finally, I delete it. It stays away until the next time I there is a Windows 10 Cumulative Update. It is as if the virus is a time-bomb, conditionally set to appear upon OS update!







boot security virus open-source trojan






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 20 at 1:19









Sarah Schnoor

53




53




closed as too broad by DavidPostill Nov 20 at 21:35


Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.






closed as too broad by DavidPostill Nov 20 at 21:35


Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.














  • It is not unheard of itpro.co.uk/desktop-hardware/29396/…
    – JohnnyVegas
    Nov 20 at 1:58










  • What make and model of laptop?
    – JohnnyVegas
    Nov 20 at 1:58










  • @JohnnyVegas Dell Gen7 15 dell.com/en-us/shop/dell-laptops/dell-g7-15-gaming/spd/…
    – Sarah Schnoor
    Nov 20 at 2:32


















  • It is not unheard of itpro.co.uk/desktop-hardware/29396/…
    – JohnnyVegas
    Nov 20 at 1:58










  • What make and model of laptop?
    – JohnnyVegas
    Nov 20 at 1:58










  • @JohnnyVegas Dell Gen7 15 dell.com/en-us/shop/dell-laptops/dell-g7-15-gaming/spd/…
    – Sarah Schnoor
    Nov 20 at 2:32
















It is not unheard of itpro.co.uk/desktop-hardware/29396/…
– JohnnyVegas
Nov 20 at 1:58




It is not unheard of itpro.co.uk/desktop-hardware/29396/…
– JohnnyVegas
Nov 20 at 1:58












What make and model of laptop?
– JohnnyVegas
Nov 20 at 1:58




What make and model of laptop?
– JohnnyVegas
Nov 20 at 1:58












@JohnnyVegas Dell Gen7 15 dell.com/en-us/shop/dell-laptops/dell-g7-15-gaming/spd/…
– Sarah Schnoor
Nov 20 at 2:32




@JohnnyVegas Dell Gen7 15 dell.com/en-us/shop/dell-laptops/dell-g7-15-gaming/spd/…
– Sarah Schnoor
Nov 20 at 2:32















active

oldest

votes






















active

oldest

votes













active

oldest

votes









active

oldest

votes






active

oldest

votes

Popular posts from this blog

AnyDesk - Fatal Program Failure

How to calibrate 16:9 built-in touch-screen to a 4:3 resolution?

QoS: MAC-Priority for clients behind a repeater