ssdupdate

Topic

New Reply

Three or four days in a row now, I’ve gotten a protection warning that ssdupdate.exe was trying to access \device\hadrdisk\DR0   I”ve allowed it each time and then [as just now] it pops up and asks again.

I *think* ssdupdate is OK [yes?] but I dunno why when I tell win10 “allow on device” it keeps coming back the next night and asking again.  Should I just keep allowing it, or just ignore it?

Reply | Quote

Replies

Though I have an SSD, I do not have ssdupdate anything on my laptop. No idea what it is. maybe some “helpful” app from some outside source. I would get rid of it unless you know where it came from and want/need it.

Reply | Quote

ssdupdate.exe is a part of the support S/W that comes on Dell PC’s.

You can prevent the message from recurring by adding it to the list of allowed apps.

Instructions:

Add or Remove Allowed Apps for Controlled Folder Access in Windows 10

1 user thanked author for this post.

berniec

Reply | Quote

Turns out that “authorizing” ssdupdate doesn’t help.  It appears that the Dell update downloads a new version everytime it wants to do an update and the new version gets a new, random-seeming version number.

sigh…

Reply | Quote

You can use wildcards in the folder path, file name and extensions in exclusion lists for Microsoft Defender.

Microsoft reference link:

• Use wildcards in the file name and folder path or extension exclusion lists

So C:\Windows\Temp\inv*_tmp\Executables should work to cover all the variations.

Reply | Quote

could youprovide a tiny bit more help.  I don’t see where I can put in the wildcarded path name.  The google docs link doesn’t do anything.  I went to the “allow a folder” page and tried to dig down to the wintemin… place and I get:

and this is where I’m at — you can see that the inv… folders aren’t there.  They must get deleted after they’re used [which, of course, is just proper behavior] but seems to make it hard to “allow” them

Reply | Quote

Defender is disabled on my machine because I use a 3rd party Anti-virus program so I can’t see Defender’s “allow a folder” page but, if it’s like my Anti-virus program, it should have an input box where you can simply “type” the path in instead of trying to dig down to a non-existent folder.

If that’s not available (or doesn’t work) you can try one of following powershell commands (note: if the command doesn’t work, you’ll get an error message.)

1- Removes protection from the specified path (may not work since the path is part of the C:\Windows\Temp directory which is protected by default whenever Controlled Folder Access is enabled.)

Remove-MpPreference -ControlledFolderAccessProtectedFolders "C:\Windows\Temp\inv*_tmp\Executables"

2- Disables the ASR (Attack Surface Reduction) rules for the specified path.

Remove-MpPreference -AttackSurfaceReductionOnlyExclusions "C:\Windows\Temp\inv*_tmp\Executables"

Note: the double quotes around the path are required.

Reply | Quote