WeDownload Manager

By Domesticus in Potentially Unwanted Programs

Threat Scorecard

Ranking:	4,385
Threat Level:	20 % (Normal)
Infected Computers:	73,653

First Seen:	September 16, 2013
Last Seen:	September 19, 2023
OS(es) Affected:	Windows

WeDownload Manager is a potentially unwanted program that targets all web browsers that are installed on the compromised PC. WeDownload Manager may trace the affected web user's Internet surfing activities, display annoying pop-up advertisements and result in irritating diversions to misleading advertisement websites. WeDownload Manager may make target computer users visit associated websites and display pop-up advertisements that contain sponsored links. WeDownload Manager does not ask an authorization of the PC user to access the affected PC. WeDownload Manager usually comes packed together with freeware and shareware applications that Internet user can download online. WeDownload Manager makes modifications to the corrupted PC that may additionally result in annoying browser diversions and slow downs of the PC.

Table of Contents

SpyHunter Detects & Remove WeDownload Manager

File System Details

WeDownload Manager may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	The weDownload Manager-bho64.dll	a382f8fdbcaf7fb150ec1cf44927827f	820
Name: The weDownload Manager-bho64.dll MD5: a382f8fdbcaf7fb150ec1cf44927827f Size: 969.21 KB (969216 bytes) Detections: 820 Type: Dynamic link library Path: C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho64.dll Group: Malware file Last Updated: February 10, 2023
2.	The weDownload-bho64.dll	bba1269db0f7a2a5f08bf170c949515a	398
Name: The weDownload-bho64.dll MD5: bba1269db0f7a2a5f08bf170c949515a Size: 969.21 KB (969216 bytes) Detections: 398 Type: Dynamic link library Path: %PROGRAMFILES(x86)%\The weDownload Group: Malware file Last Updated: August 30, 2019
3.	Uninstall.exe	4eb2c1b2f97f3a9e39faa54f1fef9c2b	112
Name: Uninstall.exe MD5: 4eb2c1b2f97f3a9e39faa54f1fef9c2b Size: 77.31 KB (77312 bytes) Detections: 112 Type: Executable File Path: C:\Program Files (x86)\The weDownload Manager\Uninstall.exe Group: Malware file Last Updated: February 10, 2023
4.	Uninstall.exe.vir	17fda6aa05a402f281a5fd7b867a4f1a	48
Name: Uninstall.exe.vir MD5: 17fda6aa05a402f281a5fd7b867a4f1a Size: 77.31 KB (77312 bytes) Detections: 48 Path: C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload\Uninstall.exe.vir Group: Malware file Last Updated: April 16, 2022
5.	weDownload Manager Pro-buttonutil64.exe	08fc5817f51dd5370f717c1f2d54d723	8
Name: weDownload Manager Pro-buttonutil64.exe MD5: 08fc5817f51dd5370f717c1f2d54d723 Size: 423.93 KB (423936 bytes) Detections: 8 Type: Executable File Path: %PROGRAMFILES(x86)%\weDownload Manager Pro\weDownload Manager Pro-buttonutil64.exe Group: Malware file Last Updated: July 24, 2022
6.	weDownload Manager Pro-chromeinstaller.exe	8d2c38a37d47193c6e0b46121b763d0e	2
Name: weDownload Manager Pro-chromeinstaller.exe MD5: 8d2c38a37d47193c6e0b46121b763d0e Size: 573.44 KB (573440 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\weDownload Manager Pro Group: Malware file Last Updated: February 17, 2014
7.	weDownload Manager Pro-codedownloader.exe	9c146000258222fd70ee7c34579730da	2
Name: weDownload Manager Pro-codedownloader.exe MD5: 9c146000258222fd70ee7c34579730da Size: 597.5 KB (597504 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\weDownload Manager Pro Group: Malware file Last Updated: February 17, 2014
8.	weDownload Manager Pro-firefoxinstaller.exe	f38ac8fa28e7bbe27423956ec6b5eaf5	2
Name: weDownload Manager Pro-firefoxinstaller.exe MD5: f38ac8fa28e7bbe27423956ec6b5eaf5 Size: 907.77 KB (907776 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\weDownload Manager Pro Group: Malware file Last Updated: February 17, 2014
9.	weDownload Manager Pro-updater.exe	dbc7c9f592255169175dfc5fbf088d3f	2
Name: weDownload Manager Pro-updater.exe MD5: dbc7c9f592255169175dfc5fbf088d3f Size: 429.56 KB (429568 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\weDownload Manager Pro Group: Malware file Last Updated: February 17, 2014
10.	weDownload Manager Pro-codedownloader.exe	e7b6574e3f2bc29f351b8195937cdc55	2
Name: weDownload Manager Pro-codedownloader.exe MD5: e7b6574e3f2bc29f351b8195937cdc55 Size: 519.68 KB (519680 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES(x86)%\weDownload Manager Pro Group: Malware file Last Updated: February 17, 2014
11.	The weDownload-chromeinstaller.exe	0cb6f8ddd7f7bfc102361d62381842af	2
Name: The weDownload-chromeinstaller.exe MD5: 0cb6f8ddd7f7bfc102361d62381842af Size: 1.03 MB (1032704 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\The weDownload Group: Malware file Last Updated: February 17, 2014
12.	The weDownload-codedownloader.exe	bf2946d0db5e607a50f35caffcb98993	2
Name: The weDownload-codedownloader.exe MD5: bf2946d0db5e607a50f35caffcb98993 Size: 631.29 KB (631296 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\The weDownload Group: Malware file Last Updated: February 17, 2014
13.	The weDownload-enabler.exe	23dd2e83bbaaa16cfef012356bceb461	2
Name: The weDownload-enabler.exe MD5: 23dd2e83bbaaa16cfef012356bceb461 Size: 454.65 KB (454656 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\The weDownload Group: Malware file Last Updated: February 17, 2014
14.	The weDownload-firefoxinstaller.exe	dcde2b71601a8f2fbb7001b924232ca7	2
Name: The weDownload-firefoxinstaller.exe MD5: dcde2b71601a8f2fbb7001b924232ca7 Size: 993.28 KB (993280 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\The weDownload Group: Malware file Last Updated: February 17, 2014
15.	The weDownload-updater.exe	ba07762fc20a05400fb67fb90d2a7be6	2
Name: The weDownload-updater.exe MD5: ba07762fc20a05400fb67fb90d2a7be6 Size: 452.6 KB (452608 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\The weDownload Group: Malware file Last Updated: February 17, 2014
16.	The weDownload-validator.exe	1f2bea10d1d58a0c08b6e2549d76d83f	2
Name: The weDownload-validator.exe MD5: 1f2bea10d1d58a0c08b6e2549d76d83f Size: 2.01 MB (2019328 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES(x86)%\The weDownload Group: Malware file Last Updated: February 17, 2014
17.	weDownload Manager-codedownloader.exe	51ead83bb7cdc3b87fb16070f489003e	2
Name: weDownload Manager-codedownloader.exe MD5: 51ead83bb7cdc3b87fb16070f489003e Size: 515.07 KB (515072 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\weDownload Manager Group: Malware file Last Updated: February 17, 2014
18.	weDownload Manager-firefoxinstaller.exe	779ac3649b71af0b6bec21f04b354291	2
Name: weDownload Manager-firefoxinstaller.exe MD5: 779ac3649b71af0b6bec21f04b354291 Size: 750.59 KB (750592 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\weDownload Manager Group: Malware file Last Updated: February 17, 2014
19.	weDownload Manager Pro-bho.dll	58d2fd86c09f6549429d70721078d708	1
Name: weDownload Manager Pro-bho.dll MD5: 58d2fd86c09f6549429d70721078d708 Size: 637.44 KB (637440 bytes) Detections: 1 Type: Dynamic link library Path: %PROGRAMFILES%\weDownload Manager Pro Group: Malware file Last Updated: February 17, 2014
20.	weDownload Manager Pro-codedownloader.exe	228def208223b845c8da16c954537252	1
Name: weDownload Manager Pro-codedownloader.exe MD5: 228def208223b845c8da16c954537252 Size: 487.42 KB (487424 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES(x86)%\weDownload Manager Pro Group: Malware file Last Updated: February 17, 2014
21.	weDownload Manager Pro-enabler.exe	8b035f6969b8a9b0c3ca5ac5f9f820c4	1
Name: weDownload Manager Pro-enabler.exe MD5: 8b035f6969b8a9b0c3ca5ac5f9f820c4 Size: 346.62 KB (346624 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES(x86)%\weDownload Manager Pro Group: Malware file Last Updated: February 17, 2014
22.	weDownload Manager-enabler.exe	dec60bd16c2dc02525137bacfe5d1ee7	1
Name: weDownload Manager-enabler.exe MD5: dec60bd16c2dc02525137bacfe5d1ee7 Size: 374.27 KB (374272 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\weDownload Manager Group: Malware file Last Updated: February 17, 2014
23.	weDownload Manager-updater.exe	a37db88a9884a61b34f1ad0401d7481b	1
Name: weDownload Manager-updater.exe MD5: a37db88a9884a61b34f1ad0401d7481b Size: 391.16 KB (391168 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\weDownload Manager Group: Malware file Last Updated: February 17, 2014
24.	wedownload manager-bg.exe	0c1e8525a7f2c1a00eb85c4f14a3f4b2	1
Name: wedownload manager-bg.exe MD5: 0c1e8525a7f2c1a00eb85c4f14a3f4b2 Size: 765.95 KB (765952 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\wedownload manager Group: Malware file Last Updated: February 17, 2014
25.	weDownload Manager-updater.exe	5ef51d404efdcf6c19317030aa240fcb	1
Name: weDownload Manager-updater.exe MD5: 5ef51d404efdcf6c19317030aa240fcb Size: 435.07 KB (435075 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\weDownload Manager Group: Malware file Last Updated: February 17, 2014
26.	weDownload Manager-firefoxinstaller.exe	8e2e12c924db5c98b8c15c4f32c46b47	1
Name: weDownload Manager-firefoxinstaller.exe MD5: 8e2e12c924db5c98b8c15c4f32c46b47 Size: 852.47 KB (852476 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\weDownload Manager Group: Malware file Last Updated: February 17, 2014
27.	weDownload Manager-enabler.exe	d815fe64d8196f8045bb07ea449f56c9	1
Name: weDownload Manager-enabler.exe MD5: d815fe64d8196f8045bb07ea449f56c9 Size: 423.3 KB (423303 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\weDownload Manager Group: Malware file Last Updated: February 17, 2014
28.	weDownload Manager-codedownloader.exe	25c0bc5d6c6ac5a394a45f78bb21ce50	1
Name: weDownload Manager-codedownloader.exe MD5: 25c0bc5d6c6ac5a394a45f78bb21ce50 Size: 603.08 KB (603080 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\weDownload Manager Group: Malware file Last Updated: February 17, 2014
29.	weDownload Manager-chromeinstaller.exe	5577463478b15ed5da6d4726ba653a4b	1
Name: weDownload Manager-chromeinstaller.exe MD5: 5577463478b15ed5da6d4726ba653a4b Size: 586.74 KB (586747 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\weDownload Manager Group: Malware file Last Updated: February 17, 2014

More files

Registry Details

WeDownload Manager may create the following registry entry or registry entries:

CLSID

{11111111-1111-1111-1111-110411581120}

{11111111-1111-1111-1111-110411901172}

{11111111-1111-1111-1111-110411901174}

{22222222-2222-2222-2222-220422582220}

{22222222-2222-2222-2222-220422902272}

{22222222-2222-2222-2222-220422902274}

{44444444-4444-4444-4444-440444584420}

{44444444-4444-4444-4444-440444904472}

{44444444-4444-4444-4444-440444904474}

{55555555-5555-5555-5555-550455585520}

{55555555-5555-5555-5555-550455905572}

{55555555-5555-5555-5555-550455905574}

{66666666-6666-6666-6666-660466586620}

{66666666-6666-6666-6666-660466906672}

{66666666-6666-6666-6666-660466906674}

HKEY..\..\..\..{RegistryKeys}

Software\AppDataLow\Software\Crossrider\onBeforeNavigate\49072

Software\AppDataLow\Software\Crossrider\onRequest\49072

Software\AppDataLow\Software\The weDownload

Software\AppDataLow\Software\The weDownload Manager

Software\AppDataLow\Software\The weDownload\Update

Software\AppDataLow\Software\weDownload

SOFTWARE\Classes\CrossriderApp0045820.BHO

SOFTWARE\Classes\CrossriderApp0045820.BHO.1

SOFTWARE\Classes\CrossriderApp0045820.Sandbox

SOFTWARE\Classes\CrossriderApp0045820.Sandbox.1

SOFTWARE\Classes\CrossriderApp0049072.BHO

SOFTWARE\Classes\CrossriderApp0049072.BHO.1

SOFTWARE\Classes\CrossriderApp0049072.Sandbox

SOFTWARE\Classes\CrossriderApp0049072.Sandbox.1

SOFTWARE\Classes\CrossriderApp0049074.BHO

SOFTWARE\Classes\CrossriderApp0049074.BHO.1

SOFTWARE\Classes\CrossriderApp0049074.Sandbox

SOFTWARE\Classes\CrossriderApp0049074.Sandbox.1

Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\The weDownload

Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\The weDownload Manager

Software\InstalledBrowserExtensions\21501

Software\InstalledBrowserExtensions\weDownload

Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110411581120}

Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110411901172}

Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{11111111-1111-1111-1111-110411901174}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08cb9b4e-1cca-4e21-a44b-cd4a7d7177ff}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0b89ac14-55d3-4267-afd6-0645a40d92b8}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3fc09e11-fdbc-4523-bc73-d5ede4c2203c}

SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61d12012-d3af-42f1-b0f7-ed6feffa463d}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61e309e0-ddd1-4b8b-8280-83906a419e95}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{909e7b95-0cf8-4846-a707-ba4843063839}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cc4fd57f-8174-4f55-9f24-0b4e330d2eb5}

SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\The weDownload-bg.exe

SOFTWARE\Microsoft\Tracing\DownloadManager_RASAPI32

SOFTWARE\Microsoft\Tracing\DownloadManager_RASMANCS

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\The weDownload-codedownloader

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\The weDownload-enabler

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\The weDownload-firefoxinstaller

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\The weDownload-updater

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\weDownload-chromeinstaller

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\weDownload-codedownloader

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\weDownload-enabler

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\weDownload-firefoxinstaller

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\weDownload-updater

SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411581120}

SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901172}

Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901174}

SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411901174}

Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411581120}

Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411901172}

Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411581120}

Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411901172}

SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\\{11111111-1111-1111-1111-110411901172}

SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{11111111-1111-1111-1111-110411901174}

SOFTWARE\The weDownload

SOFTWARE\The weDownload Manager

Software\WeDlMngr

SOFTWARE\weDownload

Software\weDownload Ltd

SOFTWARE\Wow6432Node\InstalledBrowserExtensions\21501

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08cb9b4e-1cca-4e21-a44b-cd4a7d7177ff}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0b89ac14-55d3-4267-afd6-0645a40d92b8}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3fc09e11-fdbc-4523-bc73-d5ede4c2203c}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61d12012-d3af-42f1-b0f7-ed6feffa463d}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61e309e0-ddd1-4b8b-8280-83906a419e95}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{909e7b95-0cf8-4846-a707-ba4843063839}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cc4fd57f-8174-4f55-9f24-0b4e330d2eb5}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\The weDownload-bg.exe

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411901174}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{11111111-1111-1111-1111-110411901172}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{11111111-1111-1111-1111-110411901174}

SOFTWARE\Wow6432Node\The weDownload

SOFTWARE\Wow6432Node\The weDownload Manager

SOFTWARE\Wow6432Node\weDownload

SOFTWARE\Wow6432Node\weDownload Ltd

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

The weDownload

The weDownload Manager

weDownload

Directories

WeDownload Manager may create the following directory or directories:

%APPDATA%\weDownload Ltd

%PROGRAMFILES%\The weDownload

%PROGRAMFILES%\The weDownload Manager

%PROGRAMFILES%\weDownload

%PROGRAMFILES(X86)%\weDownload

%PROGRAMFILES(x86)%\The weDownload

%PROGRAMFILES(x86)%\The weDownload Manager

%USERPROFILE%\AppData\LocalLow\weDownload

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

WeDownload Manager

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove WeDownload Manager

File System Details

Registry Details

Directories

Submit Comment

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen