Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Accidently downloaded wrong file?


  • Please log in to reply
7 replies to this topic

#1 PrevailGFX

PrevailGFX

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:50 AM

Posted 31 July 2013 - 06:07 AM

I just reformatted, so I don't have Adblock yet, and I clicked an ad that said "Download" I didn't realize it was an ad until I opened the file, and it was a "MiPony download manager"

CLICK FOR VIRUSTOTAL LINK

(These can be posted here, right?)

Virustotal scan of it... Since I just formatted... here are my current processes after opening it, and closing it.

9ad32e617ad78dd8df2627085c479f92.png

The file says it downloaded from www.extrimdownloadmanager.com

Startup files
33a7198abd3b4cc2895b5a9527c0b3a4.png
Services
433af4b4d36471427414bd75d1d9d1ff.png

Currently scanning now with Malwarebytes
Edit: Malwarebytes found nothing..

I hope I have provided everything here that'd be needed... Just hoping I wasn't infected...

 

 

Thanks in advance.



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,948 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:50 AM

Posted 31 July 2013 - 07:21 AM

Mipony is a download manager specially designed to automate the downloading of files on free hosting sites such as Rapidshare, Fileserve, and Hotfiles. See this MiPony Review by TechReviews.Daily.

Thse detection results of (DownloadManagerSetup.exe) as W32/InstallCore is more of a Potentially Unwanted Program (PUP). A PUP is a very broad threat category which can encompass any number of different programs to include those which are benign as well as malicious. They may also be defined somewhat differently by various security vendors.Some programs falling into the PUP category have legitimate uses in contexts where an authorized user or administrator has knowingly installed it. This type of detection does not necessarily mean the file is malware or a bad program. It means it has the potential for being misused by others or that it was simply detected as suspicious or a threat due to the security program's heuristic analysis engine.

If you installed the program, you should be able to safelty remove it via Add/Remove Programs from the Control Panel or Programs and Features in Vista/Windows 7/8. If you didn't install it, then just right-click on the file and choose delete...then empty the Recycle Bin.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 PrevailGFX

PrevailGFX
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:50 AM

Posted 31 July 2013 - 07:33 AM

Mipony is a download manager specially designed to automate the downloading of files on free hosting sites such as Rapidshare, Fileserve, and Hotfiles. See this MiPony Review by TechReviews.Daily.

Thse detection results of (DownloadManagerSetup.exe) as W32/InstallCore is more of a Potentially Unwanted Program (PUP). A PUP is a very broad threat category which can encompass any number of different programs to include those which are benign as well as malicious. They may also be defined somewhat differently by various security vendors.

Some programs falling into the PUP category have legitimate uses in contexts where an authorized user or administrator has knowingly installed it. This type of detection does not necessarily mean the file is malware or a bad program. It means it has the potential for being misused by others or that it was simply detected as suspicious or a threat due to the security program's heuristic analysis engine.

If you installed the program, you should be able to safelty remove it via Add/Remove Programs from the Control Panel or Programs and Features in Vista/Windows 7/8. If you didn't install it, then just right-click on the file and choose delete...then empty the Recycle Bin.

 

 

Is there any reasoning for the fact that Mipony's download page is hosted on www.mipony.net, but the file showed that it was downloaded from the aforementioned www.extrimdownloadmanager.com?



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,948 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:50 AM

Posted 31 July 2013 - 08:13 AM

It is not uncommon for some vendors to host their downloads elsewhere and provide re-direct links to another site. Mipony's main page has a large download button for users to click. The file name is called Mipony-Installer.exe. But that does not mean it isn't hosted elsewhere.

In this case, since you advised clicking on an ad by mistake...its difficult to ascertain if that was a legitimate mirrored download site for Mipony Download Manager. The file DownloadManagerSetup.exe could even be another vendor's download manager. I have seen the name associated with Dell and Crawler's Download Managers.

VirusTotal provides these results for that URL.
Norton Safe Web provides these results for that URL.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 PrevailGFX

PrevailGFX
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:50 AM

Posted 31 July 2013 - 08:19 AM

It is not uncommon for some vendors to host their downloads elsewhere and provide re-direct links to another site. Mipony's main page has a large download button for users to click. The file name is called Mipony-Installer.exe. But that does not mean it isn't hosted elsewhere.

In this case, since you advised clicking on an ad by mistake...its difficult to ascertain if that was a legitimate mirrored download site for Mipony Download Manager. The file DownloadManagerSetup.exe could even be another vendor's download manager. I have seen the name associated with Dell and Crawler's Download Managers.

VirusTotal provides these results for that URL.
Norton Safe Web provides these results for that URL.

 

So, you deem me fine, then?



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,948 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:50 AM

Posted 31 July 2013 - 08:34 AM

I don't see anything of concern in your above screenshots.

Usually when a computer is infected there will be other indications (symptoms of infection) something is wrong.

Did you accidentially install the download manager or just download it somewhere on your system?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 PrevailGFX

PrevailGFX
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:02:50 AM

Posted 31 July 2013 - 12:15 PM

I don't see anything of concern in your above screenshots.

Usually when a computer is infected there will be other indications (symptoms of infection) something is wrong.

Did you accidentially install the download manager or just download it somewhere on your system?

 

Downloaded it to my desktop, opened it, realized it said MiPony Download Manager and closed it.



#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,948 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:50 AM

Posted 31 July 2013 - 12:32 PM

Then just right-click on it, select delete and empty the Recycle Bin.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users