Jump to content
New Members
  • 0
Sign in to follow this  
Followers 0
berty.heim

Internet Download Manager 6.35.12 (Spy)

Asked by berty.heim

Question

berty.heim    10

berty.heim
Posted

Hi guys,
Surprise Spy (CocCoc) in latest version IDM 6.35_12
HK_CURRENT_USER / SOFTWARE / CocCoc

Share this post

Link to post
Share on other sites

12 answers to this question

Recommended Posts

  • 0

Israeli_Eagle    1,608

Israeli_Eagle
Posted (edited)

Eh?? IDM works totally normal and there is no CocCoc at all, also not in my registry.

So......... Better ONLY use the original installer! :coolwink:

 

Edited by Israeli_Eagle
jabrwky reacted to this

Share this post

Link to post
Share on other sites
  • 0

Quilva    37

Quilva
Posted

Its look like you got infection from other source......
I used it from Nsane and work clear...

Also tested these 2 repacks made by other peoples in my vmware malware lab and also look clean.

If you have still this instaler plz reupload me it i will check it out in free time :)

jabrwky reacted to this

Share this post

Link to post
Share on other sites
  • 0

berty.heim
  • Inquirer
    •    10

    berty.heim
    Posted

    I just reinstalled under VMware the application downloaded directly from IDM, identical result
    HK_CURRENT_USER / Software / CocCoc

     

     

     

    Il y a 11 minutes, Quilva a déclaré:

    On dirait que vous Avez Été
    infecté la source par ...... Une autre regard Je l'ai sous Nsane et used je travaille bien ...

    Nous Avons also tested 2 bureaux à jour EFFECTUEES mises par d'Autres personnes Dans mon labo de logiciels malveillants vmware et également une apparence propre.

    Si vous avez toujours cet instaler, vous devez le télécharger à nouveau, je le vérifie pendant le temps libre :)

     

    Share this post

    Link to post
    Share on other sites
    • 0

    Israeli_Eagle    1,608

    Israeli_Eagle
    Posted

    Old rule: Patch the installed IDM before running it!! :towel:

    And works still perfect with @Ali.Dbg. And for sure no CocCoc, whatever that might be...

    jabrwky and Ali.Dbg reacted to this

    Share this post

    Link to post
    Share on other sites
    • 0

    DeLtA    1,784

    DeLtA
    Posted

    IDM is not spying on you, that Registry is created for installing IDM extension to CocCoc Browser. via IDMan.exe while installation. This happens via "/rtr" Command. Same command that is used to install IDM extensions on all other browsers including (Chrome, Firefox, etc).

     

    Spoiler

    BB4o1wX.png

     

    Israeli_Eagle, GlacialMan, nOkialpha and 2 others reacted to this

    Share this post

    Link to post
    Share on other sites
    • 0

    Israeli_Eagle    1,608

    Israeli_Eagle
    Posted (edited)
    12 minutes ago, DeLtA said:

    IDM is not spying on you, that Registry is created for installing IDM extension to CocCoc Browser. via IDMan.exe while installation. This happens via "/rtr" Command. Same command that is used to install IDM extensions on all other browsers including (Chrome, Firefox, etc).

     

      Hide contents

    BB4o1wX.png

     

     

    But that would mean that HE has installed already that weird browser, right? :D
    Because in my registry is still nothing like that. Or only comes in a new install or some other software blocks it. Anyway... Looks for sure not dangerous.

     

    Edited by Israeli_Eagle

    Share this post

    Link to post
    Share on other sites
    • 0

    berty.heim
  • Inquirer
    •    10

    berty.heim
    Posted
    4 minutes ago, Israeli_Eagle said:

     

    Mais cela voudrait dire qu'il était déjà installé ce navigateur étrange, non? :RÉ
    Parce que dans mon registre, il n'y a toujours rien de tel.

    Build 6.35_11 no CotCot 😜

    Share this post

    Link to post
    Share on other sites
    • 0

    Quilva    37

    Quilva
    Posted

    hahahahaha Vietnam Browser and wonder why he got injection... probably IDM need this to hook process to this browser :D for working propertly.. lulz

    jabrwky reacted to this

    Share this post

    Link to post
    Share on other sites
    • 0

    Israeli_Eagle    1,608

    Israeli_Eagle
    Posted (edited)
    3 minutes ago, berty.heim said:

    Build 6.35_11 no CotCot 😜

     

    LOL... Anyway, does not look dangerous and nothing to worry.

     

    Edited by Israeli_Eagle
    jabrwky reacted to this

    Share this post

    Link to post
    Share on other sites
    • 0

    Israeli_Eagle    1,608

    Israeli_Eagle
    Posted

    I also tested it now in a 'naked' Windows as VM. And yes, it came into the registry. But ONLY there!
    So as @DeLtA told already, it's only a new feature. Nothing to worry, guys.

    Share this post

    Link to post
    Share on other sites

    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Answer this question...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×
    Sign in to follow this  
    Followers 0
    Go To Question Listing

    • Recently Browsing   0 members

      No registered users viewing this page.

    ×
    ×
    • Create New...