Carbon Black Cloud: Dell Support Assist/PC Doctor flagged with incorrect reputation
book
Article ID: 285451
calendar_today
Updated On:
Products
Carbon Black Cloud WorkloadCarbon Black Cloud Endpoint Standard (formerly Cb Defense)Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)Carbon Black Cloud Prevention
Issue/Introduction
PC Doctor/ Dell Support Assist was recently updated on Endpoint
dbutil.vulnerability.cleanup.dll
Alerts for KNOWN_MALWARE appearing in console
Hash has not been corrected
Environment
Carbon Black Cloud Console: All Versions
Carbon Black Cloud Windows Sensor: All Supported Versions
Microsoft Windows: All Supported Versions
Cause
Dell Support Assist was recently updated and the hash af213010798bf17bd34dbbb6cdb8ab8f1a670f908b65f51901aeea9938bc491c is being flagged as KNOWN_MALWARE
Resolution
The hash af213010798bf17bd34dbbb6cdb8ab8f1a670f908b65f51901aeea9938bc491c for the dbutil.vulnerability.cleanup.dll has been updated and is now reporting correctly.
Additional Information
If devices have been offline since 8/6 they may trigger a FP alert due to the cached reputation but will pull down the correct rep upon sensor check-ins. If the reputation does not update after several sensor check-ins, please open a support case for further assistance.