data_1.json
{
"PUP.TotalAV":{
"desc":"PUP.TotalAV is a fake antivirus program which is normally downloaded and installed as an independent file (not a bundle).\nThis program will ask for personal data and request payment.\nThis program can be removed by the Unwanted Program Removal tool, or by Malwarebytes's ADWCleaner (https://malwarebytes.com/adwcleaner)",
"tags":["scam","fakeav","pup"],
"company_responsible":"Protected net",
"removal_level":"normal",
"threat_level":"low",
"rm_steps":["kill","del"]
},
"PUP.MediaGet":{
"desc":"PUP.MediaGet is an unwanted program which can be downloaded and installed as an independent file, but most of the time is installed as part of a bundled install.\nFor more information, please see https://malwaretips.com/blogs/pup-adware-mediaget-removal/. \nThis threat is detected and removed by the Unwanted Program Removal tool. \nThe threat is detected by Malwarebytes as PUP.Optional.MediaGet, Microsoft as PUA:Win32/MediaGet, and Kaspersky as Not-a-virus:HEUR:Downloader.Win32.MegiaGet.gen., and can be removed using ADWCleaner or Hitman Pro.\nVirusTotal scan: https://www.virustotal.com/gui/file/af7b36c0f9f48f35315877e3cd5efb83c1a122a043ea9228db7da9c1c3c3120b/detection",
"tags":["pup","torrent","viabundle","adware"],
"company_responsible":"unknown",
"removal_level":"normal",
"threat_level":"low",
"rm_steps":["kill","del"]
},
"JokeProgram.TPSChallo":{
"desc":"JokeProgram.TPSChallo is a joke program created by The PC Security Channel (see https://www.youtube.com/watch?v=TtKlue9t2JU).\nThis program has two options - 'trick' and 'treat'. \nClicking 'trick' will cause the program to lock the screen, while 'treat' will subscribe you to the creator's YouTube channel.\nThe screenlocker does not persist across a reboot. To escape, just reboot your computer.\nThis program is detected by most antiviruses - see https://www.virustotal.com/gui/file/887ba691653fc5a6a91ea58a5993d0e999a4efc285dc10e21bca2bf0de7fe029?",
"threat_level":"low"
},
"Trojan.Linux.generic.2":{
"desc":"Trojan.Linux.generic.2 is a malicious program targeted at Linux systems.\nThis threat was primarily spread through a compromised NPM package.\nThis program may perform cryptomining, but due to the nature of how it was propagated, it has been classified as a trojan.\nFor more information, see https://www.virustotal.com/gui/file/28d5f75e289d652061c754079b23ec372da2e8feb1066a3d57381163b614c06c/detection and https://github.com/conventional-changelog/conventional-changelog/issues/282.",
"threat_level":"high"
},
"Spyware.Windows.hackedUA-Parser-JS":{
"desc":"Spyware.Windows.hackedUA-Parser-JS is the Unwanted Program Removal tool's detection of the malware spread via a hacked version of UA-Parser-JS.\nAs the malicious code has been removed from that package, it is safe to install. However, anyone who had previously installed it may be infected.\nTo my knowledge, only version 0.7.29 contains the malicious code. \nOnce the UPRT has removed these threats, update the package to the latest version and run another antivirus.\nImportant note: This malware was installed as the result of the developer's account being compromised, and is not the fault of the developer. \nFor more information, please check out https://www.bleepingcomputer.com/news/security/popular-npm-library-hijacked-to-install-password-stealers-miners/ and the official issue at https://github.com/faisalman/ua-parser-js/issues/536.",
"threat_level":"high"
}
}