Jump to content
berty.heim

Internet Download Manager 6.35.12 (Spy)

Recommended Posts

berty.heim

Hi guys,
Surprise Spy (CocCoc) in latest version IDM 6.35_12
HK_CURRENT_USER / SOFTWARE / CocCoc

Share this post


Link to post
Share on other sites
Israeli_Eagle

Eh?? IDM works totally normal and there is no CocCoc at all, also not in my registry.

So......... Better ONLY use the original installer! :coolwink:

 

Edited by Israeli_Eagle

Share this post


Link to post
Share on other sites
Quilva

Its look like you got infection from other source......
I used it from Nsane and work clear...

Also tested these 2 repacks made by other peoples in my vmware malware lab and also look clean.

If you have still this instaler plz reupload me it i will check it out in free time :)

Share this post


Link to post
Share on other sites
berty.heim

I just reinstalled under VMware the application downloaded directly from IDM, identical result
HK_CURRENT_USER / Software / CocCoc

 

 

 

Il y a 11 minutes, Quilva a déclaré:

On dirait que vous Avez Été
infecté la source par ...... Une autre regard Je l'ai sous Nsane et used je travaille bien ...

Nous Avons also tested 2 bureaux à jour EFFECTUEES mises par d'Autres personnes Dans mon labo de logiciels malveillants vmware et également une apparence propre.

Si vous avez toujours cet instaler, vous devez le télécharger à nouveau, je le vérifie pendant le temps libre :)

 

Share this post


Link to post
Share on other sites
Israeli_Eagle

Old rule: Patch the installed IDM before running it!! :towel:

And works still perfect with @Ali.Dbg. And for sure no CocCoc, whatever that might be...

Share this post


Link to post
Share on other sites
DeLtA

IDM is not spying on you, that Registry is created for installing IDM extension to CocCoc Browser. via IDMan.exe while installation. This happens via "/rtr" Command. Same command that is used to install IDM extensions on all other browsers including (Chrome, Firefox, etc).

 

Spoiler

BB4o1wX.png

 

Share this post


Link to post
Share on other sites
berty.heim

Ok thanks

Share this post


Link to post
Share on other sites
Israeli_Eagle
12 minutes ago, DeLtA said:

IDM is not spying on you, that Registry is created for installing IDM extension to CocCoc Browser. via IDMan.exe while installation. This happens via "/rtr" Command. Same command that is used to install IDM extensions on all other browsers including (Chrome, Firefox, etc).

 

  Hide contents

BB4o1wX.png

 

 

But that would mean that HE has installed already that weird browser, right? :D
Because in my registry is still nothing like that. Or only comes in a new install or some other software blocks it. Anyway... Looks for sure not dangerous.

 

Edited by Israeli_Eagle

Share this post


Link to post
Share on other sites
berty.heim
4 minutes ago, Israeli_Eagle said:

 

Mais cela voudrait dire qu'il était déjà installé ce navigateur étrange, non? :RÉ
Parce que dans mon registre, il n'y a toujours rien de tel.

Build 6.35_11 no CotCot 😜

Share this post


Link to post
Share on other sites
Quilva

hahahahaha Vietnam Browser and wonder why he got injection... probably IDM need this to hook process to this browser :D for working propertly.. lulz

Share this post


Link to post
Share on other sites
Israeli_Eagle
3 minutes ago, berty.heim said:

Build 6.35_11 no CotCot 😜

 

LOL... Anyway, does not look dangerous and nothing to worry.

 

Edited by Israeli_Eagle

Share this post


Link to post
Share on other sites
Stig

Yes, Build 12 has it.

 

CocCoc.jpg.8705fe0a69ee5dd53fc3678fe1e39621.jpg

Edited by Stig

Share this post


Link to post
Share on other sites
Israeli_Eagle

I also tested it now in a 'naked' Windows as VM. And yes, it came into the registry. But ONLY there!
So as @DeLtA told already, it's only a new feature. Nothing to worry, guys.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...