Virus & Spyware

Last reply by 03-04-2022 Solved
2 Bronze

Dell Update triggers CryptoStealBTC warning with Microsoft Antimalware

Is this a known false positive? This reddit page seems to indicate the problem is widespread.

i cant remove or put in quarantine "trojan:html/cryptostealbtc" : antivirus (reddit.com)

 

Accepted Solutions
Community Manager

As pointed out above, here is an update on this.

Per the link: A recent update to Windows Defender has caused it to incorrectly identify SupportAssist as malware. Dell is working closely with Microsoft to resolve this issue and correct the false positive.

* Users with SupportAssist auto updates enabled should not be impacted
* Users with SupportAssist auto updates disabled should update Microsoft Defender virus definitions to version 1.359.1239.0 or higher

 

If still under warranty, click the "Get help now" icon on the right to start a live chat session.
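
A way to check a machine against the guidance in the accepted solution, as an added example that is not from Dell, Microsoft or any poster in this thread: it compares the installed Defender definitions with 1.359.1239.0, updates them if they are older, lists recorded detections whose name contains CryptoStealBTC, and reports the Authenticode signature of the executable named later in the thread. It assumes an elevated PowerShell session and that the executable is registered as a Windows service; a valid signature is triage evidence, not proof of a false positive.

```powershell
# Added example. Uses the built-in Defender module (Get-MpComputerStatus, Update-MpSignature,
# Get-MpThreat, Get-MpThreatDetection) and Get-AuthenticodeSignature.
$minimum = [version]'1.359.1239.0'   # definitions version named in the accepted solution

# 1. Compare installed definitions with the fixed version; update only if older.
$current = [version](Get-MpComputerStatus).AntivirusSignatureVersion
if ($current -lt $minimum) {
    Write-Output "Definitions $current are older than $minimum; updating."
    Update-MpSignature
    $current = [version](Get-MpComputerStatus).AntivirusSignatureVersion
}
if ($current -ge $minimum) { Write-Output "Definitions OK: $current" }
else { Write-Warning "Definitions still at $current; update did not reach $minimum." }

# 2. List what Defender recorded for this detection name (file paths are in Resources).
Get-MpThreat | Where-Object { $_.ThreatName -like '*CryptoStealBTC*' } | ForEach-Object {
    Get-MpThreatDetection -ThreatID $_.ThreatID |
        Select-Object InitialDetectionTime, ProcessName, Resources
}

# 3. Check the signature of the executable named in the thread.
#    Assumption: it is installed as a service, so its path can be read from Win32_Service.
$name = 'DellSupportAssistRemedationService.exe'   # spelling as quoted in the thread
Get-CimInstance Win32_Service | Where-Object { $_.PathName -like "*$name*" } | ForEach-Object {
    # PathName may be quoted and may carry arguments; keep only the executable path.
    if ($_.PathName -match '^"([^"]+)"') { $exe = $Matches[1] }
    else { $exe = ($_.PathName -split '\.exe')[0] + '.exe' }

    if (Test-Path -LiteralPath $exe) {
        $sig = Get-AuthenticodeSignature -FilePath $exe
        [pscustomobject]@{
            Path   = $exe
            Status = $sig.Status                      # 'Valid' means the signature chain verified
            Signer = $sig.SignerCertificate.Subject
        }
    } else {
        Write-Warning "$exe not found on disk (it may have been quarantined)."
    }
}
```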

Replies (19)
2 Bronze

I got the cryptosteal warning also and that Reddit thread has become pretty active with people asking about it. Anyone from Dell, can you post here to let us know if this is a false positive?

2 Bronze

I got the same warning too, don't know if it's a false positive or an actual threat yet, would love some clarification.

2 Bronze

Windows Defender is flagging this so this might be a Microsoft issue vs. a Dell issue.

When I got this notification I went into protection history and selected the action to remove the threat and it said that the remediation is incomplete and failed. Then I did a full scan, got the notification and when I selected the remove action protection history shows that the threat was removed. Another full scan now shows no threats detected.  So false positive with inconsistent removal results? 

2 Bronze

I have just got it on a Dell XPS 15 9510; my Dell is 3 days old and I didn't have time to download anything.

If you start a complete scan you can quarantine it...

6356

I have a 9510 as well, about a month old running Windows 11. Mine should be up to date, as I run updates as soon as I can. I just received this notification a few minutes ago.

2 Bronze

Dell, where are you??

2 Bronze

These sure appear to be false positives, but it would be great to get confirmation.

As an aside, Dell hasn't done itself any favors with the apparent typo in the related executable name (note the missing "i" after the second "d" in "DellSupportAssistRemedationService.exe").

2 Bronze

Just received this notification on my work laptop: Dell Latitude 9420.

10 Diamond

I pinged my Dell contacts earlier today and provided the link to this thread and to the Reddit thread.

Stay tuned...

Ron

   Forum Member since 2004
   I'm not a Dell employee
