home

duplicatecleaner_setup.exe

Duplicate Cleaner Free

Digital Volcano software Ltd

The application duplicatecleaner_setup.exe, “Duplicate Cleaner Free Setup” by Digital Volcano software has been detected as a potentially unwanted program by 9 anti-malware scanners. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars. The file has been seen being downloaded from indir.gezginler.net and multiple other hosts.
Publisher:
DigitalVolcano Software Ltd  (signed by Digital Volcano software Ltd)

Product:
Duplicate Cleaner Free

Description:
Duplicate Cleaner Free Setup

Version:
3.2.7

MD5:
471ebef588d9ecb471db3b2ea755771b

SHA-1:
d7764b771463c30f305548150f9269d1b39b6c9b

SHA-256:
2c020730883b340031acb91463b63c0517b7456185d7a2c5963152a428ac3c3e

Scanner detections:
9 / 68

Status:
Potentially unwanted

Explanation:
Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
5/18/2024 11:32:04 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsAdware
1.3.0.6379

Dr.Web
Adware.OpenCandy.4
9.0.1.0354

Emsisoft Anti-Malware
Trojan.Generic.8674086
8.15.12.20.08

ESET NOD32
Win32/OpenCandy
9.9437

Malwarebytes
PUP.Optional.OpenCandy
v2015.12.20.08

NANO AntiVirus
Trojan.Script.Fraudster.csnmgd
0.28.0.57029

Reason Heuristics
Win32.Generic.DigitalVolcanosoftware.Installer.Meta
15.12.20.8

Rising Antivirus
PE:PUF.OpenCandy!1.9DE5
23.00.65.151218

Trend Micro House Call
TROJ_GEN.F47V0918
7.2.354

File size:
5.2 MB (5,429,944 bytes)

Copyright:
(c)2015 DigitalVolcano Software Ltd

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\duplicatecleaner_setup.exe

Digital Signature
Signed by:
Digital Volcano software Ltd

Authority:
COMODO CA Limited

Valid from:
3/6/2013 2:00:00 AM

Valid to:
3/6/2016 1:59:59 AM

Subject:
CN=Digital Volcano software Ltd, O=Digital Volcano software Ltd, STREET=6 Uplands Road, STREET=Oadby, L=Leicester, S=Leicestershire, PostalCode=LE24NS, C=GB

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0087778AAC8AFDF690B56AB0A56F946387

File PE Metadata
Compilation timestamp:
12/6/2009 12:50:41 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:9iMESb2CgJJ/rZ8YYDGvBtxzh7507vQZzVPUfijPWAgpbGf2Ph6MVPYTlx+Qb:cwgJNraYYDGVN750EZZUajOAJf2Ph6IY

Entry address:
0x30CB

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
22.5 KB (23,040 bytes)

The file duplicatecleaner_setup.exe has been seen being distributed by the following 45 URLs.

http://indir.gezginler.net/i/17767/.../

http://www.towerbitscenter.com/JfsSX8DCfJIs0_uL7I5vXDRT42thRNNHMsheDnzs0fkfV7qGywohFJjiFa4AEin9xjkxR75GOC4x5LJQiV2E8SjK_ys7NgwTrzeyvqYx0xMLBRrtBxkKYvNtsK3uDDKFHm9ro yNPVe5qJHI kFdZUjnWkNH9RLVNaxdpEuDgYIoxHIJYXqrhOz zbu8j0j _niObSURBK8gdd48STu7p8ZaTHWw1AHsJvVZKsvKrcfhlHMS6VU=-GzwAAETdFttegqZyzoI4vIgXYSIH7G0JJX4gOEzkhGvB7a4x8VXppX4Qi0jUNMJnvbZG GUTffGAnw==

http://www.techspot.com/downloads/downloadnow/.../?evp=092ab042013872eb9249220b723c9c48&file=1

http://www.towerbitscenter.com/6Ght0F9NQgNuoUg89Wh5_Y4lb2g0_vWuHZaROMO8DrmPunD 1S3GcTxKax9SzlduEdjzml fNsflGpk5yrEslJ8Zh FAnhQllfJEUxkzhkzjBUANITzGXvXOAOdJgfmxyzmju6LG9e_gr0cEk9DC1K13HEFULxuvRsq9M0q5QjUlIgOQycunBRbuFM2yddj5YHbnJws bYlVyUTc8yRfqjR7WtX2qfWlZ0YFSioZfLMs3ncaqRU=-GzwAAETdFttegqZyzoI4vIgXYSIH7G0JJX4gOEzkhGvB7a4x8VXppX4Qi0jUNMJnvbZG GUTffGAnw==

http://lb.cdn.m6web.fr/d/c/a/f97826f431cf582bc445e76353ce06b8/588c635f/soft/.../duplicate-cleaner_3-2-7_fr_75486.exe

http://lb.cdn.m6web.fr/d/c/a/91da046444208240f75b4f4343a0d2cc/5820e22f/soft/.../duplicate-cleaner_3-2-7_fr_75486.exe

http://www.towerbitscenter.com/vpIs5shP0HXSfYVy48BpfzEjHXyzrWn4GgJ36zg2jxbBNL sIg0TEGX099FJexdCRPn743 h_oqXFjJR0jkNfB6rLYm7gMHD9Ai4ykgqgg81GVzB3YJmLCvxRmg25MQj0nQdGar4j1BVQud9edCzwUXoSOxr3C4UOu2rxIp3G4enlmhEAv9rF9M_YYoLfXJdHYgLFwabmzORDBRtdgZx8LmGJvvGCuW3IdYzegLBgv297V8eI7nKTtGLowju6iWF ULe PX_zgYe_Kuxo7gaUwQ28krbBGBVfj 5VpmKQ3fnXsLwyE6CgVJXZCG5Zv 43so PVr59PaW6esFZ5qlLhymHVWKzL_CB3rnPDNA1eVVfiH7162U EziOvWX14t5DqB_x3iMS7c6HbYIIlBwL6bowVn8Lq5b3iyQEI1yH8rrcIkx459Z7c65M_uG6EQpDNpfDuQH8ydQYe2dSbhYuix_wdwlcfoXXSg9nS9DjjI74BSmOhClX2tCeFY6xi24S8MBE7U qMcz6STE96I1ZAV511h58 gep1tTbeau5KNfYRN6 QGnZyXdmMivD1e iTsz0uxu-GzwAAETdFttegqZyzoI4vIgXYSIH7G0JJX4gOEzkhGvB7a4x8VXppX4Qi0jUNMJnvbZG GUTffGAnw==-e

https://duplicate-cleaner.softonic.com/download-tracker?th=8yS3 KGEYLiw7GKMHzA/trmsvRChbxdrflJq3ZIylWuX/hXxY0VRhb/LHglOdKZBgo0W4ZzkwUTaSqs0gdlQTd79BjRBFpd/xC07z5dFtk14uQqpoW0SFZodZkx7lDfN0H VweJVt2 8hFpvTElRP1a1z86yYkPqeVpxI7pBIikKq5YgdF4mcoPbzwWy/.../BJp7A==

http://www.gratilog.net/xoops/modules/.../visit.php?cid=191&lid=2022

http://r2.computerbild.de/exec/r2r.pl?m=w-cobi;u=http://d.computerbild.de/downloads/.../DuplicateCleaner_setup.exe

http://www.ranchsendgift.com/cSPBQEVG1pK_xI36Y 7Pb LwUlUSYzVlJJMrYHntMG6O37lKqExNtdyqjUSLjmIpUM91_Y_EcRcJxxeYbS8HBfMhnzjLQfn8JvMwweKgxfNP8CJtiT4UcOzOG QigV6FWtP6QraWu2OGdqJ_Uxasuxj83e Kq1kxXce7iXuq60lZuhASYrjwpsR51uxEdJUC6_UCv75k4RrJwKMfaAGrBbLuEIASZA==-GzwAAETdFttegqZyzoI4vIgXYSIH7G0JJX4gOEzkhGvB7a4x8VXppX4Qi0jUNMJnvbZG GUTffGAnw==

http://lb.cdn.m6web.fr/d/c/a/9b7eda52599d0d4385562a4015785177/58024128/soft/.../duplicate-cleaner_3-2-7_fr_75486.exe

http://files01.techspot.com/.../DuplicateCleaner_setup.exe

http://lb.cdn.m6web.fr/d/c/a/cf81d95bc6491ea33d038479554ad54a/574c0e0b/soft/.../duplicate-cleaner_3-2-7_fr_75486.exe

http://d210.cdn.m6web.fr/soft/.../duplicate-cleaner_3-2-7_fr_75486.exe

&onid=2248&oid=3001-2248_4-10584403&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=utilities/file-management&topicbrcrm=&pid=14491765&mfgid=6286959&merid=6286959&ctype=dm&cval=NONE&devicetype=desktop&pguid=d62a6e35ceba54951d394a51&viewguid=e9oW-k4Gp@X7nXjsmLGGNAuk5pvdcGyV-9fR&destUrl=http://files.downloadnow.com/s/software/14/49/17/.../DuplicateCleaner_setup.exe

http://lb.cdn.m6web.fr/d/c/a/3692dda0a5bd1e40c8e40173365c4094/5797fd27/soft/.../duplicate-cleaner_3-2-7_fr_75486.exe

http://telechargement1.pcastuces.com/temp6bs2/.../DuplicateCleaner_setup.exe

http://lb.cdn.m6web.fr/d/c/a/2e47d01a67f9aeadc346734052f16649/58100e87/soft/.../duplicate-cleaner_3-2-7_fr_75486.exe

https://www.digitalvolcano.co.uk/.../DuplicateCleaner_setup.exe

http://telechargement1.pcastuces.com/temp6bs2/.../DuplicateCleaner_setup.exe

http://lb.cdn.m6web.fr/d/c/a/adba06ddf46531bf270b9337196cac4d/57fec754/soft/.../duplicate-cleaner_3-2-7_fr_75486.exe

https://download.heise.de/software/4450b6abb3415cbf62e440d194577539/57fbe81d/.../duplicatecleaner_setup.exe

http://www.ranchsendgift.com/fcZ5WWBNGkO9mk NaPoVvAI8aw1rVcWkqHchJTtwavqAcizBA mnBw4C7WPL6OewPzH9utVIZHvlfJSOgvmSx7GsoubfxszueqfuU_flTdqF6k qChIJQGiGyvVcWLmjJsnV5PyLRx3HYuRvcHwJOZ3MMDNdgK7XO mE2RG6FKN2pQq p_OWYfLIdfbJblAU8X 2iXW9UjCfIoi9fNO3cdPWyGrd3A==-GzwAAETdFttegqZyzoI4vIgXYSIH7G0JJX4gOEzkhGvB7a4x8VXppX4Qi0jUNMJnvbZG GUTffGAnw==

&onid=2248&oid=3001-2248_4-10584403&rsid=cbsidownloadcomsite&sl=en&sc=us&topicguid=utilities/file-management&topicbrcrm=&pid=14491765&mfgid=6286959&merid=6286959&ctype=dm&cval=NONE&devicetype=<!--esidesktop&pguid=cbb27889fd8140ade7dbad33&viewguid=fZZa20L0PXaE88G9UtxsKNRznLhFIFdeU5@b&destUrl=http://files.downloadnow.com/s/software/14/49/17/.../DuplicateCleaner_setup.exe

http://telechargement2.pcastuces.com/temp6bs2/.../DuplicateCleaner_setup.exe

http://lb.cdn.m6web.fr/d/c/a/580c11eee68666d58d8ded2063e9d6b4/56a6470d/soft/.../duplicate-cleaner_3-2-7_fr_75486.exe

http://lb.cdn.m6web.fr/d/c/a/5fd537eaee4e215a0d6e927e4846629e/579342af/soft/.../duplicate-cleaner_3-2-7_fr_75486.exe

http://lb.cdn.m6web.fr/d/c/a/d22c068bba680ec00c7973f40343ef82/575f0ae3/soft/.../duplicate-cleaner_3-2-7_fr_75486.exe

http://download5.fileeagle.com/files/2016/.../DuplicateCleaner_setup.exe

Latest 30 of 45 download URLs

Remove duplicatecleaner_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.