» downloadxpro.exe
Overview
Analysis
File Details

downloadxpro.exe

DownloadX ActiveX Download Control 1.6

Software Development

The application downloadxpro.exe, “DownloadX ActiveX Download Control 1.6 Setup ” by Software Development has been detected as a potentially unwanted program by 39 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars.

File name:

downloadxpro.exe

Publisher:

DownloadXCtrl.com (signed by Software Development)

Product:

DownloadX ActiveX Download Control 1.6

Description:

DownloadX ActiveX Download Control 1.6 Setup

Version:

1.6.8.0

MD5:

13e3a15a289e301c64620b908c2a674c

SHA-1:

6d323343b5c5938ff1d8297f1d301180da188809

SHA-256:

0b20898a5279cc7dc1a28aa490b2ee4cac6fb21e051e7736c02d98384aace97e

Scanner detections:

39 / 68

Status:

Potentially unwanted

Explanation:

Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:

11/24/2024 6:40:00 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.Parite.B

5760508

Agnitum Outpost

Win32.Parite.B

7.1.1

AhnLab V3 Security

Win32/Parite

2015.10.25

Avira AntiVirus

W32/Parite

7.11.30.172

Arcabit

Win32.Parite.B

1.0.0.585

avast!

Parite

151022-0

AVG

Win32/Parite

2015.0.4355

Baidu Antivirus

Virus.Win32.Parite.$b

4.0.3.151025

Bitdefender

Win32.Parite.B

1.0.20.1490

Bkav FE

W32.Pinfi.B

1.3.0.7383

Clam AntiVirus

Heuristics.W32.Parite.B

0.98/21003

Comodo Security

Virus.Win32.Parite.gen

23468

Dr.Web

Win32.Parite.2

9.0.1.05190

Emsisoft Anti-Malware

Win32.Parite

10.0.0.5366

ESET NOD32

Win32/Parite.B virus

7.0.302.0

Fortinet FortiGate

Riskware/OpenCandy

10/22/2015

F-Prot

W32/Parite.B

4.6.5.141

F-Secure

Win32.Parite.B

5.14.151

G Data

Win32.Parite

15.10.25

IKARUS anti.virus

Virus.Parite

t3scan.1.9.5.0

K7 AntiVirus

Virus

13.212.17638

Kaspersky

Virus.Win32.Parite

15.0.0.562

McAfee

Virus.W32/Pate.b

18.0.204.0

Microsoft Security Essentials

Threat.Undefined

1.209.158.0

MicroWorld eScan

Win32.Parite.B

16.0.0.894

NANO AntiVirus

Trojan.Win32.OpenCandy.cufxmc

0.30.0.65070

Norman

Win32.Parite.B

03.12.2014 13:20:04

nProtect

Virus/W32.Parite.C

15.10.23.01

Panda Antivirus

W32/Parite.B

15.10.25.12

Quick Heal

W32.Perite.A

10.15.14.00

Rising Antivirus

PE:Virus.Parite!1.9B80[F1]

23.00.65.151023

Sophos

Virus 'W32/Parite-B'

5.20

Total Defense

Win32/Pinfi.A

37.1.62.1

Trend Micro House Call

Suspicious_GEN.F47V1219

7.2.295

Trend Micro

PE_PARITE.A

10.465.25

Vba32 AntiVirus

Virus.Win32.Parite.b

3.12.26.4

VIPRE Antivirus

Threat.46249

44732

ViRobot

Win32.Parite.A[h]

2014.3.20.0

Zillya! Antivirus

Virus.Parite.Win32.9

2.0.0.2471

File size:

14.8 MB (15,548,888 bytes)

Product version:

1.6.8.0

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Documents and Settings\{user}\My documents\downloads\downloadxpro.exe

Digital Signature

Signed by:

Software Development

Authority:

Unizeto Technologies S.A.

Valid from:

11/25/2013 2:44:12 PM

Valid to:

11/25/2014 2:44:12 PM

Subject:

E=info@downloadxctrl.com, CN=DownloadXCtrl.com, OU=Software Development, O=Software Development, C=HR

Issuer:

CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:

7EB2C518630B09F497BC4F2C845F248D

File PE Metadata

Compilation timestamp:

6/20/1992 12:22:17 AM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

393216:tmgmp7uQP4u18+8oIumXxxBLSIHzYzARQkUlAKvztsb:txXQgu12umXzBnHGoJ4zub

Entry address:

0x14000

Entry point:

90, 90, 68, 68, EC, 96, 05, 59, BF, 1E, 40, 41, 00, 68, 98, 05, 00, 00, 5A, 90, 90, 31, 0C, 3A, 90, 83, EA, 03, 4A, 90, 90, 75, F4, 90, 80, 91, 97, 05, 68, EC, 96, 05, 68, EC, D6, 05, 90, 49, 96, 05, 58, 67, 7C, 05, B0, 7D, 7C, 05, 68, 5C, 94, 05, 97, 13, 69, FA, DC, 3C, D6, 05, 0C, 3E, D6, 05, 14, 3E, D6, 05, 68, EC, 96, 05, 68, EC, 96, 05, 68, EC, 96, 05, DC, 4A, 96, 05, 0A, 3E, 96, 05, 12, 3E, 96, 05, 68, EC, 96, 05, 68, EC, 96, 05, 68, EC, 96, 05, 68, EC, 96, 05, 74, 3D, D6, 05, 68, EC, 96, 05, 68, EC... 
[+]

Entropy:

7.9998 (probably packed)

Code size:

39.5 KB (40,448 bytes)

Remove downloadxpro.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.