In 2.9.3 and 2.9.4 versions of DVR Examiner, certain versions of Windows Defender block the installation process; After further investigation, we found that our vendor’s installer software modifies the system screen saver registry:
This type of action is referred to as “PUM”. As per malwarebytes.com:
“PUM Stands for potentially unwanted modification. This is an alteration made to a computer’s registry (or other settings), which either damages the computer or changes its behavior, without knowledge of the user. Such unwanted alterations can be done by legitimate software, malware, grayware, or PUP.”
Such potentially unwanted modification caused Windows Defender to identify DVRExaminer.exe as a “Potentially Unwanted Application” (PUA): PUA:WIN32/COINMINER
We at DME Forensics, updated to the latest version of our vendor’s installer software, and verified that screensaver registries are no longer modified. Below is the outline on how DVR Examiner is flagged by Windows Defender as PUA in recent installer:
The report collected by MalwareBytes shows the exact modification of the registry keys by the installer:
Even if the PUM triggered by DVR Examiner’s installer is beyond DME Forensic’s control, we are working with the installer’s software vendor to solve this as soon as possible to avoid this from happening in the future.
We will share an update as soon as this happens, but for now please rest assured it is perfectly SAFE to install DVR Examiner on your system, as we are providing you a 100% legitimate software.
Feel free to contact us if you have any questions or concerns at firstname.lastname@example.org .