alshall0 Posted January 12, 2010 After updating SAS Free Edition this morning and running a complete scan, it detected two seemingly legitimate files: C:\WINDOWS\REGISTEREDPACKAGES\{981FB688-E76B-4246-987B-92083185B90A}$BACKUP$\SYSTEM\WPDMTP.DLL D:\MININT\SYSTEM32\DRIVERS\SYMMPI.SYS The first seems to be part of the Windows OS and has been on the computer since November 2007, and the second, which is on a protected recovery drive, seems to be an actual driver. I run a complete SAS scan every few days and haven't seen this detection before. I submitted a report for a possible false positive. Any additional information would be appreciated. Share this post Link to post Share on other sites
alshall0 Posted January 13, 2010 Updated to Core 4472 Trace 2290, which cleared the FP on C:\WINDOWS\REGISTEREDPACKAGES\{981FB688-E76B-4246-987B-92083185B90A}$BACKUP$\SYSTEM\WPDMTP.DLL. D:\MININT\SYSTEM32\DRIVERS\SYMMPI.SYS continues to show detection. Share this post Link to post Share on other sites