G
Guest
Hi,
Once the information below is verified Defender needs to be updated.
Defender needs to correctly NOT warn for file C:\WINDOWS\system32\DDMI2.sys
as found in regkey HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SDDMI2. Although I
have not taken the time to contact Dell for verification (hoping MS has a
faster path to someone knowledgeable than I), it appears this software is
part of the Dell Support 3.x system from Gteko Ltd. Other parts are found in
C:\Program Files\WebCyberCoach\
A quick Google shows a bit of confusion about these files by users of
various spyware utilities at times, so Microsoft isn't the first and won't be
the last. Still, I'll breathe easier without false positives.
Thanks,
Rob Cohen
Windows Defender Version: 1.1.1051.0
Engine Version: 1.1.1185.0
Signature Version: 1.13.1276.16
Description:
This program has potentially unwanted behavior.
Advice:
Allow this detected item only if you trust the program or the software
publisher.
Resources:
regkey:
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SDDMI2
file:
C:\WINDOWS\system32\DDMI2.sys
Category:
Not Yet Classified
Windows Defender Real-Time Protection agent has detected potential malware.
For more information please see the following:
http://www.microsoft.com
Scan ID: {1F611512-78CF-4120-AD45-8B7E1C52312B}
User: 700M\Robert
Threat Name: Unknown
Threat Id:
Threat Severity:
Threat Category:
Path Found: service:SDDMI2
Threat Classification: Unknown
Detection Type:
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Once the information below is verified Defender needs to be updated.
Defender needs to correctly NOT warn for file C:\WINDOWS\system32\DDMI2.sys
as found in regkey HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SDDMI2. Although I
have not taken the time to contact Dell for verification (hoping MS has a
faster path to someone knowledgeable than I), it appears this software is
part of the Dell Support 3.x system from Gteko Ltd. Other parts are found in
C:\Program Files\WebCyberCoach\
A quick Google shows a bit of confusion about these files by users of
various spyware utilities at times, so Microsoft isn't the first and won't be
the last. Still, I'll breathe easier without false positives.
Thanks,
Rob Cohen
Windows Defender Version: 1.1.1051.0
Engine Version: 1.1.1185.0
Signature Version: 1.13.1276.16
Description:
This program has potentially unwanted behavior.
Advice:
Allow this detected item only if you trust the program or the software
publisher.
Resources:
regkey:
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SDDMI2
file:
C:\WINDOWS\system32\DDMI2.sys
Category:
Not Yet Classified
Windows Defender Real-Time Protection agent has detected potential malware.
For more information please see the following:
http://www.microsoft.com
Scan ID: {1F611512-78CF-4120-AD45-8B7E1C52312B}
User: 700M\Robert
Threat Name: Unknown
Threat Id:
Threat Severity:
Threat Category:
Path Found: service:SDDMI2
Threat Classification: Unknown
Detection Type:
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.