Carbon Black Cloud: Dell Support Assist/PC Doctor flagged with incorrect reputation
Article ID: 285451
Updated On:
Products
Carbon Black Cloud Workload
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)
Carbon Black Cloud Prevention
Issue/Introduction
- PC Doctor/ Dell Support Assist was recently updated on Endpoint
dbutil.vulnerability.cleanup.dll
- Alerts for KNOWN_MALWARE appearing in console
- Hash has not been corrected
Environment
- Carbon Black Cloud Console: All Versions
- Carbon Black Cloud Windows Sensor: All Supported Versions
- Microsoft Windows: All Supported Versions
Cause
Dell Support Assist was recently updated and the hash af213010798bf17bd34dbbb6cdb8ab8f1a670f908b65f51901aeea9938bc491c is being flagged as KNOWN_MALWARE
Resolution
The hash af213010798bf17bd34dbbb6cdb8ab8f1a670f908b65f51901aeea9938bc491c for the dbutil.vulnerability.cleanup.dll has been updated and is now reporting correctly.
Additional Information
If devices have been offline since 8/6 they may trigger a FP alert due to the cached reputation but will pull down the correct rep upon sensor check-ins. If the reputation does not update after several sensor check-ins, please open a support case for further assistance.
Feedback
Yes
No
Powered by
