I was looking around for some adware to install on my lab machine to test a new cleaning feature that I’m working on for the FreeFixer tool, when I stumbled on a file digitally signed by HARASAN PRAPAPON. I’m writing this post to warn you about the file. Typically the files is named after some popular TV-series or movie.
If you are hesitating with the following UAC prompt saying HARASAN PRAPAPON is the publisher, I strongly suggest you click the No button.
Tip: You can also check a digital signature by right-clicking on a file -> Properties -> Digital Signature.
So what’s the problem with the HARASAN PRAPAPON signed file? Here’s the detection results, which should convince you:
- Malwarebytes PUP.Optional.OneClickDownloader.A
- Kingsoft Win32.Troj.Generic.a.(kcloud)
I’m sure the other anti-virus programs will pick up this file sooner than later.
Did you also find a file signed by HARASAN PRAPAPON? What are the anti-virus programs calling it? (Hint: upload it to www.virustotal.com)
I have downloaded “Autodesk_Flow_Design_2014_x64_rar.exe”, a strange file with strange name and strange size (423kb only), so I searched the digitally sign HARASAN PRAPAPON and find your website.Thanks for the warning !
Happy to hear you avoided some late night adware cleaning 😉
Thanks, I wanted to download the lego movie and I’ve searched for HARASAN PRAPAPON and found your advice thakns 😉