Unsolved
1 Rookie
•
4 Posts
0
222
Possible False Positive Alert after Dell Command Update IR_DIS.EXE
Dear All,
I hope this message finds you well.
Yesterday, one of our users executed a Dell command update to refresh their drivers. Subsequently, Microsoft Defender quarantined the files, flagging them as potential malware. We'd like to ascertain if this is indeed a false positive.
Here are the details:
- SHA1: 548e7ede7d00c84b86b9a7c709140c3635e7b079
- File Path: C:\ProgramData\Dell\drivers\d185472f-6f52-40af-9dd6-6026d1ecd3bc\ir_dis.exe
- VirusTotal: VirusTotal - File - 300ceadf8782bc7dac0f765ffb8361a2f8b54883da926fbbef51aa10f12d135a
Thank you and kind regards,
Gustavo
Odha
1 Message
0
October 19th, 2023 13:48
Hello,
We have another detection as well along with the ir_dis.exe. That is "ir_en.exe"
File Path: ProgramData\Dell\drivers\ebcec8f4-0293-43c5-a42b-a200a15dda25\ir_en.exe
SAH 256: f13ea94ae513f43690fda7dcdf42cee2e9d5a34d2d6dac8d72b366479f207b05
VT: https://www.virustotal.com/gui/file/f13ea94ae513f43690fda7dcdf42cee2e9d5a34d2d6dac8d72b366479f207b05