OOO

Publisher Information

OOO is a software publisher located in Moscow, Russia*. The company is a primary distributor of unwanted software. Thre are 16 additional code signing certificates issued to this publisher.
Remove OOO Malware - Powered by Reason Core Security
Authority:
COMODO CA Limited

Valid from:
8/1/2012 8:00:00 PM

Valid to:
8/2/2015 7:59:59 PM

Subject:
CN="OOO ""Industry""", O="OOO ""Industry""", STREET="Vsevolzhsky 2, bld. 2", L=Moscow, S=Moscow, PostalCode=119034, C=RU

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00d139bda20096871840dce08e6a80b6f0

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OOO.DD, PUP.Installer.OOO.O, PUP.Installer.OOO.?, PUP.OOO.g, PUP.OOO.n, PUP.Installer.OOO.a, PUP.OOO.CC, PUP.OOO.z, PUP.OOO.p, PUP.Installer (M), PUP.DownLite.Installer (M), PUP.OOOIndustry.Installer (M)
98.00%

VIPRE Antivirus
Threat.4773981, Adware.Privitize, Threat.4150696
50.00%

Dr.Web
Adware.Downware.1329, Adware.InstallCore.122
38.00%

Sophos
Generic PUA LN, Browser Helper Object, PrivitizeVPN, Mal/Generic-S, Industriya Privitize, PUA 'Industriya Privitize', OpenCandy
32.00%

F-Prot
W32/Trojan3.IUT (exact, not disinfectable), W32/InstallCore.R3.gen, W32/OpenCandy.A
30.00%

McAfee
Adware-OpenCandy.dll, Artemis!8B1A8C2F3D90, Artemis!CA023E6709A7, Artemis!700E9249612B, Artemis!A9C4E3C7A782, Artemis!3BEE73C5378F, Artemis!EC3D612BA6BD
26.00%

Comodo Security
Application.Win32.OpenCandy.~A, Application.Win32.TopMedia.A, Heur.Suspicious, UnclassifiedMalware, ApplicUnwnt
24.00%

ESET NOD32
Win32/TopMedia, Win32/TopMedia (variant), Win32/OpenCandy, Win32/Toolbar.Montiera, Win32/InstallCore.BY (variant), Win32/Toolbar.Montiera.I potentially unwanted
24.00%

avast!
Win.Threat.Undefined, NSIS:Adware-HT [PUP], NSIS:Adware-IU [PUP], Win32:PUP-gen [PUP]
22.00%

NANO AntiVirus
Riskware.Win32.OpenCandy.cxjcyz, Riskware.Win32.Siggen.cvhzam, Trojan.Win32.Siggen.dfsidd, Trojan.Win32.Privitize.ctuojh
22.00%

5 / 68      (Adware)
soundtaxi_pro_v4.3.8_._keygen.exe  (e0e827e0f8652b826d0b435381abcd5e)

9 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)
world_war_z_2013_(hun).exe  (9572aa44407440f8d1d7955057ae5a45)

7 / 68      (Adware)
cd(audio_only)_deadmau5_live_in_toronto_2k11.exe  (a75e31578dfe2e468ed602bf4a63c360)

1 / 68      (Adware)
connectify_(pro)_3.1.0.21402_._crack_[by_psycho].exe  (9ccb88aa2a5c1d1d758af216491521a7)

1 / 68      (Adware)
legend_-_the_best_of_bob_marley_.exe  (58e0e2a3d579c322df1bff7f450b2196)

1 / 68      (Adware)

1 / 68      (Adware)
corel_draw_x5_with_keygen.exe  (061ff2e6f9ca8d628ac3b6d8ec909c04)

1 / 68      (Adware)
guitar_pro_6_with_keygen.exe  (aefa0e074daeda697774bc16ecd98ce5)

1 / 68      (Adware)

1 / 68      (Adware)
football_manager_2014__update_14.2.2__nos_team.exe  (418c4fd8cfb44326801b3d9cc812f2ae)

1 / 68      (Adware)
screamer_4x4_gammalt_bilspel_frã¥n_2000.exe  (840945537d0635d57e72e35bae24dc17)

1 / 68      (Adware)
screamer_4x4_gammalt_bilspel_frã¥n_2000.exe  (0ec38758aaf0344912f6456a2f8233f8)

1 / 68      (Adware)
prototype_2_-_spanish_language_pack_._crack.exe  (6327c38cc4b6d2748861b30e2d4fc8b2)

1 / 68      (Adware)
prototype_2_-_spanish_language_pack_._crack.exe  (8dfbb4303f13de5f8194369fbbaee4a5)

1 / 68      (Adware)
prototype_2_-_spanish_language_pack_._crack.exe  (ac842f227f9dc07f7bef042897928517)

1 / 68      (Adware)
downlite_setup.exe (DownLite Installer by DownLite)  (66fd5217495b6f7d1cabb0392682a512)

1 / 68      (Adware)
omsi.the.bus.simulator-skidrow.exe  (eec086a103436a3c9bb79c09cd870cff)

1 / 68      (Adware)
neverwinter_nights-_diamond_edition.exe  (e39986290c5ca4a71b5d8480fd8bf67c)

1 / 68      (Adware)
the.conjuring.2013.r6.webrip.xvid_acesn8s_.exe  (4f37a39fe99f50695e593cd957afee9b)

1 / 68      (Adware)

7 / 68      (Adware)
gta_iv_._working_crack_[pc].exe  (43dd25de3e89ad68cae76a071391d91b)

1 / 68      (Adware)
the_chemical_brothers_-_further_320kbps__[electr0].exe  (e01aee1a3f906768af20dfafe1cca35f)

1 / 68      (Adware)
the_chemical_brothers_-_further_320kbps__[electr0].exe  (43cdf1490ca76d47b636e6d0164da7f2)

1 / 68      (Adware)
gta_san_andreas_full_game_pc_--with_crack--.exe  (5161173274bc464e32d8134131ca9c03)

1 / 68      (Adware)
stepsiblings.13.09.05.sara.and.gia.xxx.1080p.mp4-ktr.exe  (a1137f0727cccda259d53047e018d1f8)

1 / 68      (Adware)
spiderman_web_of_shadows.exe  (bf821d30f33227130aa08b8bd82d3056)

1 / 68      (Adware)
spiderman_web_of_shadows.exe  (a510bde0787f05f6d498739982e3852b)

14 / 68    (Adware)
mgk_-_lace_up_(deluxe)_{2012-album}.exe  (ec3d612ba6bd94d297bf2a4160ba8540)

 
Latest 30 of 91 files

Downloads URLs for files signed by OOO .

5 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

23 / 68    (Adware)

17 / 68    (Adware)

4 / 68      (Adware)

33 / 68    (Adware)

5 / 68      (Adware)
http://privitize.com/.../Darksiders II-SKIDROW  (darksiders+ii-skidrow_secure.exe)

8 / 68      (Adware)
http://www.downlite.net/download.php  (downlite_setup.exe)

The following websites host and distribute files published by OOO .

The certificates below are also signed by OOO .

00E2D0DD88AA54AE6A33646C36CF01E955  (Mar 23, 2015 to Mar 23, 2018)

0083F7063ABAE3F79C8DAA3989DA8CDFB7  (Jan 22, 2016 to Jan 22, 2017)

00870E2391EC22DF0615D76AE3122968DD  (Nov 04, 2015 to Nov 04, 2016)

008F95B27143B03E1827D72051F6055CEF  (Oct 21, 2015 to Oct 21, 2016)

5F8A8BC0B5B8DF88BCC711B3FDA5597D  (Aug 10, 2015 to Aug 10, 2016)

27B290D0C390AD327D54F1213B6D41D0  (Aug 07, 2015 to Aug 07, 2016)

1CDBA4D660F0F2A404A1E5E279704FCE  (May 03, 2015 to Jul 02, 2016)

00D4CC4DDE541C655FCA6D81F9C4C171CD  (Jun 10, 2015 to Jun 10, 2016)

23A7F9E2B56DE5B00C244BAD3044604A  (Apr 29, 2015 to Apr 29, 2016)

02AACCB8DD8AB8454F889ABB32609FEE  (Mar 18, 2015 to Mar 18, 2016)

10 of 16 code signing certificates issued

The following publishers (by Authenticode signature organization name) are related.

Remove OOO Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to OOO by COMODO CA Limited on August 01, 2012 with the serial number '00d139bda20096871840dce08e6a80b6f0'.