Author Topic: Dell Update Service. False positive? (Read 4050 times)

MetaSM · « **on:** July 05, 2020, 06:04:30 AM »

TL;DR: I started Alienware PC tonight, an Avast message appeared on start up. ( Pic 1 ) Can't find any "Dell_OSRI_CIC.exe" info. Its marked as a Trojan. Dell Update Service ran it.

Ive been on an Alienware Aurora 6 for a couple of years now, havent had any issues at all in the past. It came with all those Dell "Assist/Support" software, but I keep them mostly disabled so they wont auto-update without my consent.
Apparently last morning Dell's "InvColPC.exe" was updated/installed? right before I shut down the pc. ( Pic 2 ) I did wonder why shutting down was taking longer than usual on the SSD when there were no windows updates. Today at night when I started the PC it tried to run automatically which is when the Threat was detected. Whenever I look up "Dell_OSRI_CIC.exe" it only shows results about doing windows Recovery Images but can't find anything with the exact same file name.

Scans come up clean every time. I cant scan that file again, it was on a Temp folder and its no loger there. I am running Avast Premium Security.

Is there any info about it? Should I just remove everything related to Dell to be safe? This is what shows up when I run AdwCleaner: ( Pic 3 )

[ First time posting, is this the right forum? ]

Beko! · « **Reply #1 on:** July 05, 2020, 09:39:58 AM »

Same 'Threat secured' here....

Carlyleton · « **Reply #2 on:** July 05, 2020, 11:18:03 AM »

Same problem here, I'm on an Alienware m17.

Asyn · « **Reply #3 on:** July 05, 2020, 01:43:02 PM »

You can report a suspected FP (File/Website) here: https://www.avast.com/false-positive-file-form.php

MetaSM · « **Reply #4 on:** July 05, 2020, 03:23:18 PM »

I have now sent the file. I was a bit afraid I would have to take it out of the Virus Chest to report but I saw there was an Option to send the file for analysis directly from the Virus Chest's logged entry.

Beko! · « **Reply #5 on:** July 06, 2020, 09:57:28 PM »

I saw there was an Option to send the file for analysis

It took me some while to find the option, I meanwhile did the same.
Curious if there will be any feedback...

polonus · « **Reply #6 on:** July 06, 2020, 10:10:05 PM »

@Beko! & @MtaSM,

Thank you both for your contribution.
You guys keep us informed the moment that FP has been tackled and becomes [SOLVED] by avast team.

You did the responsible thing by reporting home on the official forums and from within the logs.
So the rest of the community may benefit.

Any good av-solution-service depends on the responsible behavior of the end-user.
Well done you two, and receive our due respect,

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

Author Topic: Dell Update Service. False positive? (Read 4050 times)

MetaSM

Dell Update Service. False positive?

Beko!

Re: Dell Update Service. False positive?

Carlyleton

Re: Dell Update Service. False positive?

Asyn

Re: Dell Update Service. False positive?

MetaSM

Re: Dell Update Service. False positive?

Beko!

Re: Dell Update Service. False positive?

polonus

Re: Dell Update Service. False positive?