OpenCandy Inc.

Publisher Information

OpenCandy Inc. is a software publisher located in San Diego, California in the United States*. The publisher primarily developes software that can be classified as adware. OpenCandy from SweetLabs is an ad-supported platform that allows publishers to include monetized offers in their software installers. Its advertising software module can be incorporated in a Windows/Nullsoft Installer and when a user installs a program that has the OpenCandy library, there is an option to install additional software that it recommends (based on geolocation). These offers are typically web browser toolbars and search extensions. Thre are 12 additional code signing certificates issued to this publisher.
Remove OpenCandy Inc. Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
1/25/2011 1:00:00 AM

Valid to:
3/15/2014 12:59:59 AM

Subject:
CN=OpenCandy Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=OpenCandy Inc., L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6ffc263a351134194cf16e1e6d0e0806

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OpenCandy.Bundler (M), PUP.OpenCandy.Installer (M), PUP.OpenCandy (M), PUP.OpenCandy.Pokki.Bundler (M)
100.00%

Malwarebytes
PUP.Optional.OpenCandy, PUP.Optional.OpenCandy.A
26.00%

Trend Micro House Call
TROJ_GEN.F47V1102, TROJ_GEN.F47V0407, TROJ_GEN.F47V0429, TROJ_GEN.F47V0915, TROJ_GEN.F47V1011, TROJ_GEN.F47V0403
26.00%

VIPRE Antivirus
Opencandy, Threat.204212
26.00%

Fortinet FortiGate
Riskware/OpenCandy, W32/OpenCandy, Adware/OpenCandy
24.00%

G Data
Win32.Adware.OpenCandy
24.00%

AVG
OpenCandy
24.00%

ESET NOD32
Win32/OpenCandy, Win32/OpenCandy potentially unsafe, Win32/OpenCandy (variant)
22.00%

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5, Trojan.Win32.Generic.1288A77D
20.00%

Dr.Web
Adware.OpenCandy.7, Trojan.Damaged.1, Adware.OpenCandy.3
18.00%

1 / 68      (PUP)
frostwire_p1v5.exe  (3a7c2ee4aacf641621be07d98a5c1f2b)

1 / 68      (PUP)
driverscannerscan_p2v0.exe  (b0d6a5723796034ded5bf5978b367745)

13 / 68    (PUP)
OCSetupHlp.dll (OCSetupHlp by OpenCandy)  (decc7db9ed870d3d3af58623f2e547ff)

1 / 68      (PUP)
tuneuputilities2012_1002033_fr-fr-p1v0.exe  (9cd7dcaaa689d565cb3f60037b12f18e)

1 / 68      (PUP)
tuneuputilities2012_de-de-p2v1.exe  (345743336a66a9e58689a9698ac12a91)

1 / 68      (PUP)
linkuryinstaller_p1v2.exe  (94f4b2234b911d2698ca8b724c804bea)

18 / 68    (PUP)

1 / 68      (PUP)
nitro_pdf_reader2_es_x86_p3v5.exe  (ba9bd09bad4f3eb3a71e9b98cdb0259d)

1 / 68      (PUP)

18 / 68    (PUP)

1 / 68      (PUP)
snapdo_rbcb_p4v2.exe  (3f837ea5aa494f4a77df6a8a20c397ac)

16 / 68    (PUP)

1 / 68      (PUP)
v9_internal.exe  (553065d11a43c26755b3dd7d89494018)

1 / 68      (PUP)
setup507_p1v3.exe  (ab0604197106bd57287e19323b52446a)

13 / 68    (PUP)
OCSetupHlp.dll (OCSetupHlp by OpenCandy)  (e783b50d0fa493417c1c2193db17a806)

1 / 68      (PUP)
comodox86_p1v0.exe  (3989f718ac698ddc60208d430949b8d5)

1 / 68      (PUP)
thegroovesharkapp.exe  (2524f2c4972c343bec96c52f85450c3b)

16 / 68    (PUP)
OCSetupHlp.dll (OCSetupHlp by OpenCandy)  (71fc1e56f32f66ceb3fa7e36ed651992)

1 / 68      (PUP)
ie9-windowsvista-x86-enu_p12v4.exe  (f4573a5dcc8b2cc1b86dbef162c46993)

1 / 68      (PUP)
realplayerr71poc3_p19v1.exe  (d375f67e6a84cb1f7bea1f9d5782b897)

15 / 68    (PUP)

1 / 68      (PUP)

1 / 68      (PUP)
pc_faster_setupind_p1v4.exe  (753c4903fec8a8f7546782c2b39d4fb9)

1 / 68      (PUP)

1 / 68      (PUP)
globalmojo-3.1.0-11_ch_p1v3.exe  (db73960f5862e5f106b9d4fe0f06c1fa)

1 / 68      (PUP)
pc_faster_setupbr_p1v4.exe  (f3799700d192c84497537c843393c7fc)

1 / 68      (PUP)
tuneuputilities2012_es-es_1002227-p1v1.exe  (0be99522e35553154f77eccc24485531)

1 / 68      (PUP)
avg-tuneup-it-1day_p3v0.exe  (24ca96664f6f4a36afab3c3630ee6818)

1 / 68      (PUP)
pc_faster_setupbr_p1v2.exe  (ed7c5bc7fac13fd3da4400fa6696e8d4)

1 / 68      (PUP)
registryreviversetup_afd_p4v0.exe  (6b3a81d9450fdf5bedf2084ae48a7ed2)

 
Latest 30 of 1,370 files

Downloads URLs for files signed by OpenCandy Inc..

1 / 68      (PUP)

The certificates below are also signed by OpenCandy Inc..

064F7F3543BCDEFC1576F502AE200E11  (Feb 03, 2014 to Apr 22, 2016)

3D96F95B7280804943B22EAAD87771E6  (Oct 24, 2014 to Oct 25, 2015)

0B88C871F68A9102FD1B743704369247  (Oct 24, 2014 to Oct 25, 2015)

5407D8E1F2D0E6C4E6F068C2480628C9  (Oct 13, 2014 to Oct 14, 2015)

29CE9F5BE708FCC90C4937893D131841  (Oct 13, 2014 to Oct 14, 2015)

0098EBBE629C4556BF484A6F8F34FED191  (Oct 13, 2014 to Oct 14, 2015)

00C78CECD817AA361719203EFEE430C0AF  (Oct 13, 2014 to Oct 13, 2015)

00BB7B40B95093A55585D1C267C0D46EE3  (Oct 12, 2014 to Oct 13, 2015)

00B0CC36BCEFA9A2F21227E1707CED355E  (Aug 13, 2014 to Aug 14, 2015)

00C3779EB50F49E5634257CB77974A96D9  (Aug 13, 2014 to Aug 14, 2015)

10 of 12 code signing certificates issued

The following publishers (by Authenticode signature organization name) are related.

Remove OpenCandy Inc. Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to OpenCandy Inc. by VeriSign, Inc. on January 25, 2011 with the serial number '6ffc263a351134194cf16e1e6d0e0806'.