Avira Virus Lab

‹ Back


  • Name
  • Date discovered
    Jun 14, 2017
  • VDF version (2017-06-14 18:28)

This class of detection flags, Potentially Unwanted Applications (PUA), may compromise the user's privacy and the security of the local system. These are legitimate applications that often try to use social engineering to make the user install additional offers during the installation of the software the user originally wanted. A PUA application classification is the result of software, an advert, or a website exhibiting one or more offending behaviors and/or properties. A full PUA list is available at http://www.avira.com/en/potentially-unwanted-applications. This detection doesn't mean that the file is malicious. However, if the file was installed on the system without the user's knowledge, the user's privacy or system security might be compromised. Disabling this detection is only recommended for advanced users who understand the risks and how to use these applications.

  • VDF (2017-06-14 18:28)
  • Files
    The following files are created:
    • %TEMPDIR%\is-VCQE6.tmp\xYhxpHhhNM.dll
    • %TEMPDIR%\is-VCQE6.tmp\donate.bmp
  • Injections
    • %SYSDIR%\services.exe{<-\RPC Control\ntsvcs}
  • Aliases
    Dr. Web: Trojan.InstallCore.3052
    ESET: a variant of Win32/FusionCore.I potentially unwanted application
    G Data: Win32.Application.Agent.81Z3SX