What is "Windows Production PCA 2011"?

K7MEM · Mar 29, 2022

I just received a notice about a "Potentially unwanted app" from Windows Security. When I click on the notice, it wants to run something. It asks me if I want to run it. But what is it? It's listed as "low" severity. How do I find out what the app is?

A 2011-03 Cumulative Update (KB5011563) just became available, Does it have anything to do with that?

Scott · Mar 29, 2022

K7MEM said:
How do I find out what the app is?

Google or DuckDuckGo is your friend.

Windows Production PCA 2011 at DuckDuckGo

DuckDuckGo. Privacy, Simplified.

duckduckgo.com

This article caught my eye

Bungling Microsoft singlehandedly proves that golden backdoor keys are a terrible idea

Redmond races to revoke Secure Boot policy

www.theregister.com

glasskuter · Mar 29, 2022

Everything you might want to know about potentially unwanted apps and defender is in here. Protect your PC from potentially unwanted applications

AddRAM · Mar 30, 2022

It has to be something you installed.
That pop up doesn`t appear for noting.

K7MEM · Mar 31, 2022

AddRAM said:
It has to be something you installed.
That pop up doesn`t appear for noting.

That was my first thought. But I didn't install anything for over a month. I checked the event log and found nothing unusual. When I received the popup, I was just working on a HTML file in a text editor. And, that is the only popup I have ever seen on this computer.

There was a update available, so I downloaded and installed it. The install worked fine, but didn't remove the problem.

I can still see it under Windows Security -> Protection History, but it won't let me delete it. It shows "severity low". If I click on it, it tries to run something. What I was able to look up is that, it is trying to disable secure boot. Why would it want to do that?

There was a small blue shield hidden in the task bar. I looked in the Task Manager and saw shield running, so I deleted it. It's still listed in Protection History, but it's not bothering me, so I will ignore it for now.

glasskuter · Mar 31, 2022

K7MEM said:
How do I find out what the app is?

In Windows security, protection history, click on the item. The UAC warning with appear> Click Yes. It should then point you to the executible path and tell you what it is. Click the down arrow under 'actions' if it is an app you want to allow.

K7MEM said:
What I was able to look up is that, it is trying to disable secure boot

If something is trying to disable secure boot, it would be worrisome to me.

K7MEM · Mar 31, 2022

glasskuter said:
In Windows security, protection history, click on the item. The UAC warning with appear> Click Yes. It should then point you to the executible path and tell you what it is. Click the down arrow under 'actions' if it is an app you want to allow.

If something is trying to disable secure boot, it would be worrisome to me.

Well, that was very helpful. I was afraid to "Click Yes". But when I did, it gave me more information.

It says it detected "PUADlManager:Win32/DotBundler" and said the infected item was a Astec Power Supply manual that I downloaded on 8/28/2020 ! ! Why did it wait so long?

I have several power supply manuals, but they are all PDFs. This download in question was a ".exe" file. I don't recall ever running it and I don't' remember why I downloaded it. I don't trust most ".exe" files. The best I can tell is, this file contains some obnoxious advertising.

The details say "This program has potentially unwanted behavior.". Under "Actions" it only lists "Allow on Device". So since I don't need it, I am just going to delete it.

glasskuter · Mar 31, 2022

K7MEM said:
This download in question was a ".exe" file

That would be a flag for me. If ever you have doubt about any downloaded file of any kind, right click on the file and select 'scan with Windows Defender from the context menu. Likewise, you can select 'scan with Malwarebytes.'

AddRAM · Mar 31, 2022

Could be a false positive.

K7MEM · Apr 1, 2022

Yes, it probably was a "red" flag to me, when it was downloaded in 2020. But I don't go through my "download" directory very often.

And, yes, it could also be a false positive. But I didn't need it, so I just deleted it and emptied the trash.

Because most of the files in the "download" directory are pretty old, I'm going to go through them and delete anything that I really don't need. Then I will fire up another system scan.

AddRAM · Apr 1, 2022

You should keep a folder for every driver and program you use on your system, in your Downloads folder and keep it up to date, and keep it backed up too. Should you want to do a clean install or God forbid something happens to windows, you have everything you need. You should be keeping your Downloads folder nice and neat. :)

What is "Windows Production PCA 2011"?

Member

My Computer

Well-known member

My Computers

Well-known member

My Computers

R.I.P.

My Computers

Member

My Computer

Well-known member

My Computers

Member

My Computer

Well-known member

My Computers

R.I.P.

My Computers

Member

My Computer

R.I.P.

My Computers

Similar threads