First a little disclaimer this is happening in a corporate environment on multiple systems and I did not see anything explicitly against this so here goes.
This is happening on Windows 7 x64 and Windows 10 x64 machines alike (both enterprise).
Multiple users (myself included) came in this morning to a strange unknown unwarranted popup. We have been telling users to hit cancel but I have refrained from doing so yet on my own PC for investigatory purposes.
So naturally we immediately recognized this as the normal Dell BIOS update prompt when run from Windows environment. This caused us great concern because we have not pushed any such updates. We do have in house WSUS and a K1000 appliance that could technically prompt for this but it was nothing we did.
So I started looking into it further and looked at what task was trying to run (show below)
I also found this in my startup which gives no other information about it as well.
So my next step was to look in the event viewer around the time of the modified date/time of the file in question. I found the following 2 entries of concern at almost the exact same time.
Now the DBUtil_2_3 itself is generally safe but since it was modified at the exact time this all started I have my doubts. Here is the file details of this file.
This is the file that is trying to run named GetDockVer32W.exe located in C:\Windows\temp folder. (I have more information of what happens after I allow it to run I did on an offline computer if needed)
I checked with Dell and this is not their normal naming scheme and they do not have any information about this file.
I also used power shell to find any other files created in this time window when this was all trying to execute. Here are my results of all the files it created/modified.
Other than McAfee Enterprise 8.8 patch 8 not finding anything I also ran a malware bytes scan which didn't detect anything crazy either. MWB did detect my Dell System Detect as a PUP but I am assuming this is a false positive as this was installed months before and none of the other affected computers have this installed.