Threats landscape >

Avira Virus Lab

Back

PUA/DriverTuner.ME.2

  • Name
    PUA/DriverTuner.ME.2
  • Date discovered
    Jan 19, 2018
  • Type
    Potential Unwanted Application
  • Impact
    Low 
  • Reported Infections
    High 
  • Operating System
    Windows
  • VDF version
    7.14.43.248 (2018-01-19 11:40)

Stay safe from all these threats with Avira Free Antivirus.

Avira Free Antivirus Download Free

This class of detection flags, Potentially Unwanted Applications (PUA), may compromise the user's privacy and the security of the local system. These are legitimate applications that often try to use social engineering to make the user install additional offers during the installation of the software the user originally wanted. A PUA application classification is the result of software, an advert, or a website exhibiting one or more offending behaviors and/or properties. A full PUA list is available at http://www.avira.com/en/potentially-unwanted-applications. This detection doesn't mean that the file is malicious. However, if the file was installed on the system without the user's knowledge, the user's privacy or system security might be compromised. Disabling this detection is only recommended for advanced users who understand the risks and how to use these applications.

  • VDF
    7.14.43.248 (2018-01-19 11:40)
  • Processes
    Array
  • Files
    The following files are created:
    • %TEMPDIR%\is-HCLJI.tmp\%executed_sample_name%.tmp
    • %TEMPDIR%\is-NG9E7.tmp\%executed_sample_name%.tmp
    • %TEMPDIR%\Setup Log 2018-01-19 #001.txt
    • %TEMPDIR%\is-NTF8M.tmp\_isetup\_setup64.tmp
    • %PROGRAM FILES% (x86)\writetest.tmp
    The following files are changed:
    • %TEMPDIR%\is-NG9E7.tmp\%executed_sample_name%.tmp
    • %TEMPDIR%\Setup Log 2018-01-19 #001.txt
    • %TEMPDIR%\is-NTF8M.tmp\_isetup\_setup64.tmp
    • %PROGRAM FILES% (x86)\writetest.tmp
    The following files are deleted:
    • %PROGRAM FILES% (x86)\writetest.tmp
    • %TEMPDIR%\is-NTF8M.tmp\groupresult.txt
    The following drivers are loaded:
    • \Device\KsecDD
    • %WINDIR%\win.ini
    • \Device\NamedPipe\
    • %SYSDIR%\oleaccrc.dll
    • %WINDIR%\SysWOW64\en-US\KERNELBASE.dll.mui
    • %SYSDIR%\netmsg.dll
    • %TEMPDIR%\%executed_sample%
    • %TEMPDIR%\is-NG9E7.tmp\%executed_sample_name%.tmp
    • %WINDIR%\Globalization\Sorting\sortdefault.nls
    • %TEMPDIR%\Setup Log 2018-01-19 #001.txt
    • %SYSDIR%\imageres.dll
    • %SYSDIR%\shell32.dll
    • %PROGRAM FILES% (x86)\writetest.tmp
    • %TEMPDIR%\is-NTF8M.tmp\groupresult.txt
    • %APPDATA%\Local\Microsoft\Windows\WER\ERC\statecache.lock
    • %APPDATA%\Local\Microsoft\Windows\WER\ReportArchive
    • %PROGRAMDATA%\Microsoft\Windows\WER\ReportArchive
    • %APPDATA%\Local\Microsoft\Windows\WER\ERC
    • %SYSDIR%\en-US\prnfldr.dll.mui
    • %SYSDIR%\en-US\netshell.dll.mui
    The following files are executed:
    • \Device\KsecDD
    • %WINDIR%\win.ini
    • \Device\NamedPipe\
    • %SYSDIR%\oleaccrc.dll
    • %WINDIR%\SysWOW64\en-US\KERNELBASE.dll.mui
    • %SYSDIR%\netmsg.dll
    • %TEMPDIR%\%executed_sample%
    • %TEMPDIR%\is-NG9E7.tmp\%executed_sample_name%.tmp
    • %WINDIR%\Globalization\Sorting\sortdefault.nls
    • %TEMPDIR%\Setup Log 2018-01-19 #001.txt
    • %SYSDIR%\imageres.dll
    • %SYSDIR%\shell32.dll
    • %PROGRAM FILES% (x86)\writetest.tmp
    • %TEMPDIR%\is-NTF8M.tmp\groupresult.txt
    • %APPDATA%\Local\Microsoft\Windows\WER\ERC\statecache.lock
    • %APPDATA%\Local\Microsoft\Windows\WER\ReportArchive
    • %PROGRAMDATA%\Microsoft\Windows\WER\ReportArchive
    • %APPDATA%\Local\Microsoft\Windows\WER\ERC
    • %SYSDIR%\en-US\prnfldr.dll.mui
    • %SYSDIR%\en-US\netshell.dll.mui
  • Registry
    The following registry entries are added:
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("Owner": "Ì ,S÷šP‘Ó")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("SessionHash": "y» *T´f šÚò£ÃÓ·ٔÉ$ßúyN³ÔÓ~1G")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("Sequence": "1")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.106 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.106
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101 ("CheckSetting": "#ACBlob ŠìöOJ‘Ó{E8433B72-5842-4d43-8645-BC2C35960837}.notification.101.2-13455933312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103 ("CheckSetting": "#ACBlob ÂˆPJ‘Ó{E8433B72-5842-4d43-8645-BC2C35960837}.notification.103.2-13457813312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100 ("CheckSetting": "#ACBlob „tPJ‘Ó{E8433B72-5842-4d43-8645-BC2C35960837}.notification.100.1-13458593312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102 ("CheckSetting": "#ACBlob „tPJ‘Ó{E8433B72-5842-4d43-8645-BC2C35960837}.notification.102.2-13458593312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.104 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.104
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100 ("CheckSetting": "#ACBlobt…ü")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting ("LastQueuePesterTime": "131153085856669921")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100 ("CheckSetting": "#ACBlob")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101 ("CheckSetting": "#ACBlobþ")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101 ("CheckSetting": "#ACBlob")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0 ("CheckSetting": "#ACBlobtem")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{01979c6a-42fa-414c-b8aa-eee2c8202018} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{01979c6a-42fa-414c-b8aa-eee2c8202018}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100 ("CheckSetting": "#ACBlob€dm¼=mQJ‘Ó{01979c6a-42fa-414c-b8aa-eee2c8202018}.notification.0er.txt")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.101 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{945a8954-c147-4acd-923f-40c45405a658} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{945a8954-c147-4acd-923f-40c45405a658}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{DAB69A6A-4D2A-4D44-94BF-E0091898C881} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0 ("CheckSetting": "#ACBlobYSTE")
    • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\26\52C64B7E ("LanguageList": "en-USen")
    • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\27\52C64B7E ("LanguageList": "en-USen")
    • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\27\52C64B7E ("prnfldr.dll,-8036": "Printers")
    • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\27\52C64B7E ("netshell.dll,-1200": "Network Connections")
    The following registry entries are changed:
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("Owner": "Ì ,S÷šP‘Ó")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("SessionHash": "y» *T´f šÚò£ÃÓ·ٔÉ$ßúyN³ÔÓ~1G")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("Sequence": "1")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.106 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.106
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101 ("CheckSetting": "#ACBlob ŠìöOJ‘Ó{E8433B72-5842-4d43-8645-BC2C35960837}.notification.101.2-13455933312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103 ("CheckSetting": "#ACBlob ÂˆPJ‘Ó{E8433B72-5842-4d43-8645-BC2C35960837}.notification.103.2-13457813312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100 ("CheckSetting": "#ACBlob „tPJ‘Ó{E8433B72-5842-4d43-8645-BC2C35960837}.notification.100.1-13458593312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102 ("CheckSetting": "#ACBlob „tPJ‘Ó{E8433B72-5842-4d43-8645-BC2C35960837}.notification.102.2-13458593312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.104 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.104
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100 ("CheckSetting": "#ACBlobt…ü")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting ("LastQueuePesterTime": "131153085856669921")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100 ("CheckSetting": "#ACBlob")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101 ("CheckSetting": "#ACBlobþ")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101 ("CheckSetting": "#ACBlob")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0 ("CheckSetting": "#ACBlobtem")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{01979c6a-42fa-414c-b8aa-eee2c8202018} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{01979c6a-42fa-414c-b8aa-eee2c8202018}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100 ("CheckSetting": "#ACBlob€dm¼=mQJ‘Ó{01979c6a-42fa-414c-b8aa-eee2c8202018}.notification.0er.txt")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.101 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{945a8954-c147-4acd-923f-40c45405a658} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{945a8954-c147-4acd-923f-40c45405a658}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{DAB69A6A-4D2A-4D44-94BF-E0091898C881} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0 ("CheckSetting": "#ACBlobYSTE")
    • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\26\52C64B7E ("LanguageList": "en-USen")
    • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\27\52C64B7E ("LanguageList": "en-USen")
    • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\27\52C64B7E ("prnfldr.dll,-8036": "Printers")
    • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\27\52C64B7E ("netshell.dll,-1200": "Network Connections")
  • Aliases
    ESET: a variant of Win32/UwS.DriverTuner.B application

Help make the web safer by sending us suspicious files/URLs to analyze

Submit your file/URL or Go to support.avira.com

Why submit a suspicious file?

If you encountered a suspicious file or website that’s not in our database, we’ll analyze it and determine whether it’s harmful. Our findings are then pushed out to our millions of users with their next virus database update. If you have Avira, you’ll get that update too. Don’t have Avira? Get it on our homepage.