OpenCandy Inc.

Publisher Information

OpenCandy Inc. is a software publisher located in San Diego, California in the United States*. The publisher primarily developes software that can be classified as adware. OpenCandy from SweetLabs is an ad-supported platform that allows publishers to include monetized offers in their software installers. Its advertising software module can be incorporated in a Windows/Nullsoft Installer and when a user installs a program that has the OpenCandy library, there is an option to install additional software that it recommends (based on geolocation). These offers are typically web browser toolbars and search extensions. Thre are 12 additional code signing certificates issued to this publisher.
Remove OpenCandy Inc. Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
3/15/2010 1:00:00 AM

Valid to:
3/16/2011 12:59:59 AM

Subject:
CN=OpenCandy Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=OpenCandy Inc., L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7381060ed460b99e62a92347bbb84d48

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OpenCandy.Bundler (M), PUP.OpenCandy (M), PUP.OpenCandy.Installer (M)
100.00%

VIPRE Antivirus
Trojan.Win32.Generic, Opencandy, Threat.5066272
16.00%

Dr.Web
Adware.Downware.10931, Adware.OpenCandy.158, Adware.Plugin.11
16.00%

Malwarebytes
PUP.Optional.OfferBox.A, PUP.Optional.OpenCandy
12.00%

McAfee Web Gateway
Adware-OpenCandy.dll, BehavesLike.Win32.Suspicious.rc
12.00%

Sophos
OpenCandy, OpenCandy (PUA)
12.00%

G Data
Win32.Adware.OpenCandy, Win32.Application.Systweak
12.00%

ESET NOD32
Win32/OpenCandy potentially unsafe, Win32/Adware.Yontoo
12.00%

Comodo Security
ApplicUnwnt, Heur.Suspicious
12.00%

McAfee
Adware-OpenCandy.dll
10.00%

1 / 68      (PUP)
tmp0000007c54758a4f2866d119  (75398dbf7f7aebcdf5433c09b208354f)

1 / 68      (PUP)
przyspieszkomputer_no_speedchecker_p3v1.exe  (7f69c869b6333b4d274d0792ff6122ed)

1 / 68      (PUP)
afiregrevsilent_p2v1.exe  (2cf497d15554077aa8778d06934b3b57)

19 / 68    (PUP)

1 / 68      (PUP)
registrybooster36_wp10v1.exe  (56b2eaecf880fdf6247465c2ac1054d1)

1 / 68      (PUP)
p2v1tuneupinst-1.7.1-cmp107-english.exe  (e04a72a9e632b7f172ebd2c2f02c4585)

19 / 68    (PUP)

19 / 68    (PUP)

1 / 68      (PUP)
registrybooster37_wp10v1.exe  (e0fde86fbf4ac34792d5d916b92d722a)

1 / 68      (PUP)
ocexdll.dll (Pokki Explorer Hook DLL)  (33de206f96517beea8ed0ebd43ac4b54)

1 / 68      (PUP)
grouponinstallerv2.exe  (74d68bfbec2d3b4aef8774bc11fb12af)

1 / 68      (PUP)
registrybooster39_wp10v1.exe  (929c21788e18167808123dd6924b05d4)

1 / 68      (PUP)
ocexdll.dll (Pokki Explorer Hook DLL)  (b23a66b21820f038fc7ca8a76f3ca541)

1 / 68      (PUP)
nitropdfsp32_p1v2installer.exe  (9bedebda371b766882678fa2f3d6f406)

1 / 68      (PUP)
OCWiseInstall.dll (OpenCandy Wise Installer by OpenCandy)  (d5cabd11cc348ff336ae8dc0c54b9684)

19 / 68    (PUP)

1 / 68      (PUP)
nitropdfsp64_p1v1.exe  (6bb2a4072f930aa56ddb503ced9f22f1)

1 / 68      (PUP)
afibatteryoptimizersetup-p1v1.exe  (23d20bb5d20a890af00ed59ae7ec10df)

1 / 68      (PUP)
tmp0000000240a3c0564a9b83ec  (aa1eab7db19f9ebe4fe892e6cd2089c5)

1 / 68      (PUP)
ie9-windows7-x64-enu_wp1v1.exe  (18591ade4bbc93c340b56ad77c23a186)

1 / 68      (PUP)
nitropdfit32_p1v1.exe  (d37cb2bd988c63ea08ebe753be61b96a)

1 / 68      (PUP)
nitropdffr64_p1v2installer.exe  (52dedd7151dfd210f4d0217fe9d888a8)

1 / 68      (PUP)
regrevive_wrapper_p11v1_installer.exe  (2b1f0f5fac90f877db1f4a19331cdbef)

1 / 68      (PUP)
offerboxsetupit_wrp1v2.exe  (4186362c8353a75800b4fa830c779934)

1 / 68      (PUP)
launchofferbox.exe  (55cf07317e1c550a44ecc1c938a74afa)

1 / 68      (PUP)
driverhivetrialsetup_t3_p1v1.exe  (72f81997861a25b96dccf0174e1241f1)

1 / 68      (PUP)
revstarter.exe  (fc1db5d3e3ec9d44da0de3b03f37ad26)

1 / 68      (PUP)
nitropdfsp64_p1v2installer.exe  (2369b036c8cb41430df2392dc3a9b31b)

1 / 68      (PUP)
arotrial2011_oc1_p2v1.exe  (3c69e079d637444a1ee72c778f82d38f)

1 / 68      (PUP)
ocexdll.dll (Pokki Explorer Hook DLL)  (69cfafaba0ca3627cee802a2cb5c4a54)

 
Latest 30 of 140 files

The certificates below are also signed by OpenCandy Inc..

064F7F3543BCDEFC1576F502AE200E11  (Feb 03, 2014 to Apr 22, 2016)

3D96F95B7280804943B22EAAD87771E6  (Oct 24, 2014 to Oct 25, 2015)

0B88C871F68A9102FD1B743704369247  (Oct 24, 2014 to Oct 25, 2015)

5407D8E1F2D0E6C4E6F068C2480628C9  (Oct 13, 2014 to Oct 14, 2015)

29CE9F5BE708FCC90C4937893D131841  (Oct 13, 2014 to Oct 14, 2015)

0098EBBE629C4556BF484A6F8F34FED191  (Oct 13, 2014 to Oct 14, 2015)

00C78CECD817AA361719203EFEE430C0AF  (Oct 13, 2014 to Oct 13, 2015)

00BB7B40B95093A55585D1C267C0D46EE3  (Oct 12, 2014 to Oct 13, 2015)

00B0CC36BCEFA9A2F21227E1707CED355E  (Aug 13, 2014 to Aug 14, 2015)

00C3779EB50F49E5634257CB77974A96D9  (Aug 13, 2014 to Aug 14, 2015)

10 of 12 code signing certificates issued

The following publishers (by Authenticode signature organization name) are related.

Remove OpenCandy Inc. Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to OpenCandy Inc. by VeriSign, Inc. on March 15, 2010 with the serial number '7381060ed460b99e62a92347bbb84d48'.