Jump to content
max_vader

Dell System Detect PUP Registry Key False Positive

Recommended Posts

Today I was just surfing the web and malwarebytes asked me to delete PUP.Vulnerable.DellSystemDetect as PUP and I know this software is used to install drivers for dell and alienware machines and I used to have it installed.  I am guessing this is a false positive?  Also even though it probably is a false positive is it ok to delete I no longer have this software?

Share this post


Link to post
Share on other sites

Hi,

 

This is no false positive...

Please read here for more information: https://www.f-secure.com/weblog/archives/00002800.html

I suggest you uninstall/delete the DellSystemDetect you have and update to newest version.

http://www.dell.com/support/article/us/en/19/SLN117738/en

This version actually also deletes what malwarebytes detects and deletes - the vulnerable version :)

Share this post


Link to post
Share on other sites

Hi,

 

This is no false positive...

Please read here for more information: https://www.f-secure.com/weblog/archives/00002800.html

I suggest you uninstall/delete the DellSystemDetect you have and update to newest version.

http://www.dell.com/support/article/us/en/19/SLN117738/en

This version actually also deletes what malwarebytes detects and deletes - the vulnerable version :)

I no longer have the program, but deleted the key should I be ok?

Share this post


Link to post
Share on other sites

Hey Everyone, 

  We just published a blog post that talks about this specific detection. You can see it here:

 

http://wp.me/p2plUD-1WI

 

Thanks!

Share this post


Link to post
Share on other sites

Hi,

       I also had the same notification from Malwarebytes today. 3 items all associated with Dell System Detect were listed for removal. (If needed I pasted the scan results below from clipboard) I do have this programme installed, I think it came already installed with my Dell PC (bloatware ?) and have just ignored it although I occasionally use Dell's PC Checkup which I did the other day,updating it at the same time. I wonder if this is why Malwarebytes flagged these Dell System Detect items up on this occasion as it has never done so before. I did a bit of research online and looked on the Dell site which recommended updating Dell System Detect which I have now done. I am not sure whether I actually need Dell System Detect as my PC is a fairly old model  and is no longer under warranty. It  still runs OK though and meets my needs. I then turned to the MBAM forum and found this post, probably needed to come here first. So I have already updated Dell System Detect but have not, as yet, removed the Dell System Detect PUPS as wasn't sure initially what to do. Is it OK for me now to remove the three items as they are , I presume, associated with the older version of Dell System Detect that I had installed or have they been removed any way in the course of updating ? Perhaps I need to run another scan now ?

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 03/04/2015
Scan Time: 15:14:59
Logfile:
Administrator: No

Version: 2.01.4.1018
Malware Database: v2015.04.02.06
Rootkit Database: v2015.03.31.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: User

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 537672
Time Elapsed: 39 min, 45 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Vulnerable.DellSystemDetect, C:\Users\User\AppData\Local\Apps\2.0\E8X8PNHN.B6G\K6O6JXZT.W1M\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DELLSYSTEMDETECT.EXE, 1184, , [00ce392edcaecb6b0b42833007fc748c]

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 1
PUP.Vulnerable.DellSystemDetect, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|DellSystemDetect, C:\Users\User\AppData\Local\Apps\2.0\E8X8PNHN.B6G\K6O6JXZT.W1M\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe, , [00ce392edcaecb6b0b42833007fc748c]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Vulnerable.DellSystemDetect, C:\Users\User\AppData\Local\Apps\2.0\E8X8PNHN.B6G\K6O6JXZT.W1M\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DELLSYSTEMDETECT.EXE, , [00ce392edcaecb6b0b42833007fc748c],

Physical Sectors: 0
(No malicious items detected)


(end)

 

Share this post


Link to post
Share on other sites

Hey Munchkin,

  I was hoping that Dell would remove the older version if the new version was installed, maybe that wasn't the case for you. I recommend going ahead and head over to Dell's website and install whatever their newest version is, here is a link:

 

http://www.dell.com/support/home/us/en/19/Eula/scan?sourcePage=H&scanType=TMC&loadSection=N&tabName=&SWA=Y

 

After that, update your Malwarebytes Anti-Malware and run another scan. If anything shows up, it should only be this:

 

Registry Values: 1
PUP.Vulnerable.DellSystemDetect, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|DellSystemDetect, 

 

go ahead and remove that as you no longer need it. Hopefully nothing will be detected and the newer version of Dell System Detect will have removed the old version. Thanks so much and I hope this helps you!

Share this post


Link to post
Share on other sites

Hi, thanks for the replies. There may have been a misunderstanding. I had already installed the latest version of Dell System Detect following the MBAM detection of these PUP's listed above. , prior to visiting the forum and reading the relevant posts. I had not at this point and still have not removed the PUPS that had shown up in the initial scan. The listed PUP's above relate to the old version. However I have noticed that I now have two versions of Dell System Detect listed in programmes. Dell System Detect and Dell System Detect - 1 so perhaps the older version was not removed. I will remove the listed PUP's and rescan.

Share this post


Link to post
Share on other sites

I removed the 3 PUP's to quarantine ( although only two appeared, the 'process' one was missing -  because it is a 'process' ?). Nothing was detected when I rescanned so presumably the PUP's had actually been removed when updated. The only problem is, I still have these two Dell System Direct files listed in programmes, Dell System Direct ,older one, and Dell System Detect -1 latest ? I suppose I just uninstall this older file ?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.