This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

PUA detected: 'SpiGot'

Hi

We have received multiple PUA's on 100 to 150 machines. The detected files are basically java script examples : after.js and background.js

please find the example : PUA detected: 'SpiGot' at 'C:\Users\k113899\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lbpcfgdgiemlcaggjhjcinhblflmgdlj\2.2_0\after.js'

 

These detection's came in off business hours and today we might see more users with the same alert. 

 

So my question is did this alert triggered from Sophos end ?

 



This thread was automatically locked due to age.
Parents
  • Hello Amit Thakur,

    with 100 to 150 machines you're likely not referring to a Free Tool, aren't you?

    Anyway, you can see from the analysis that the detection has been updated on September 29th, it could be gung-ho or it could be right. The path suggests it's loaded as extension in Chrome. As it's classified as Potentially Unwanted Application it's up to you to decide whether it's actually unwanted or not.

    Christian

  • No i'm not referring to a Free Tool here

     

    But also simply we can't ignore the alert as it is coming under Adware category. After the scheduled scan we can still see the PUA alert.

    Let us know apart from clearing it what else we can do to find it out how it came so sudden in more than 100+ machines or if any suggestions to proceed with regarding this PUA

     

    Thanks

Reply
  • No i'm not referring to a Free Tool here

     

    But also simply we can't ignore the alert as it is coming under Adware category. After the scheduled scan we can still see the PUA alert.

    Let us know apart from clearing it what else we can do to find it out how it came so sudden in more than 100+ machines or if any suggestions to proceed with regarding this PUA

     

    Thanks

Children