Prompt to setup unknown device

Archive
1

Win 11. I'm receiving a persistent prompt on my workstation to setup a device.

The prompt reads "Click here to setup Anker F2 Pro_6F8B.", but I don't know what this device is.

Research indicates it facilitates Bluetooth connectivity, which for me triggers a red flag.

Could this create a potential intrusion?

Thank you.

... J

2

I have both Dell and HP devices in my network. One Dell as well as HP I have removed their support assistant software due to both being plagued with back door vulnerabilities in the past. Major players will always tell us things are fixed and good to go. Not in the reality I live in, always be vigilant.

Dell states they have patched this as far back as 2021:

https://www.bleepingcomputer.com/news/security/dell-supportassist-bugs-put-over-30-million-pcs-at-risk/

It reappeared again, twice in 2022:

https://www.dell.com/support/kbdoc/en-us/000200456/dsa-2022-139-dell-supportassist-for-home-pcs-and-business-pcs-security-update-for-multiple-security-vulnerabilities

https://www.dell.com/support/kbdoc/en-us/000204114/dsa-2022-190-dell-supportassist-for-home-and-business-pcs-security-update-for-multiple-proprietary-code-vulnerabilities

https://www.cvedetails.com/vulnerability-list/vendor_id-2234/product_id-56478/year-2023/Dell-Supportassist-For-Home-Pcs.html

* I don't trust it, your mileage may vary

HP has a listing of its own as well:

https://www.cvedetails.com/vulnerability-list/vendor_id-10/product_id-33528/HP-Support-Assistant.html#:~:text=Potential%20security%20vulnerabilities%20have%20been,and%20unauthorized%20modification%20of%20files.

https://support.hp.com/us-en/document/ish_5585999-5586023-16/hpsbgn03762

 

SA

3

Great info, and thank you.

I didn't provide authorization via the UAC (interestingly enough, the pending UAC was not showing up in the vertical Notifications bar). After about 15 periodic iterations of the popup, it stopped displaying.

I've shut off Bluetooth on my workstation.

I've reviewed all the relevant histories in the Norton Control libraries, and they're all clean, as far as I can tell. Next up are the scans you recommend.

The only lingering question is in my Dell SupportAssist utility; it's reporting there is one driver to be updated, but it won't allow me to review, potentially edit or cancel the install of that driver, whatever it's for. So my not allowing it to go ahead may prevent that utility from running again without my blindly approving whatever is pending. I'll see if Dell is interested in talking to me about that functionality.

Thanks again for your thoughts! Greatly appreciated!

4

Hello JFCIV. That device appears to be a smartcharge, bluetooth transmitter for a vehicle. Are you getting a UAC prompt as well to allow the setup? If so DO NOT click the UAC as it will most likely download a malicious payload. Microsoft itself has acknowledged they have allowed numerous drivers to pass their checks that were installing malware. This COULD be the case you are also seeing. Please read my post here for more information:

https://community.norton.com/en/forums/microsoft-whql-drivers-were-malware-infested

Is Windows 11 current with updates? If not that is the next thing to accomplish AFTER running a full system scan to see whether there are issues that can be detected.

SA