2 Posts
0
1022
Suspected malware on Dell driver download page
Hi, apologies if this is posted in the wrong place, but I feel I should alert someone of this. When I tried to download a driver update for my Dell Universal Dock D6000, I noticed that one of the downloads looked suspicious. This is what happens when I right-click and look at Properties:
Again, this was directly downloaded from the Dell website. It was this page: https://www.dell.com/support/home/en-us/drivers/driversdetails?driverid=f1txx&oscode=wt64a&productcode=dell-universal-dock-d6000. I saved it but did not run it because I like to keep a virus-free computer. But I want to make sure that doesn't happen to anyone else if this is indeed malware.
RoHe
10 Elder
10 Elder
•
43.6K Posts
0
July 7th, 2022 16:00
I don't think that's malware. If you look closely, that file is named 7z setup SFX (x86) which is legitimate 7-zip.org software that was modified by Oleg N. Scherbakov to create auto-extracting installation programs.
The module extracts compressed files (the "archive") and puts them into the user's temp folder, from where it runs a specified program (in this case, an "installer"). When it's done, it removes the temp files after the specified program finishes.
So SFX builder apparently was used to create the auto-installer .exe Dell used for that dock driver update.
You can always manually create a System Restore point before running that update so you can quickly remove it, if necessary.
And if you're still worried, you can also run a full malware scan after installing the update with something like Malwarebytes (free) or other malware detection app(s).
Besides, that driver was posted on Dell's site on 20 Aug 2021, so if it's malware, it would have been reported long before now.
peter924
2 Posts
0
July 18th, 2022 06:00
That explanation makes sense! Thanks.
RoHe
10 Elder
10 Elder
•
43.6K Posts
0
July 18th, 2022 10:00
Glad to have helped.