home

OpenCandy

Publisher Information

OpenCandy is a software developer located in San Diego, California in the United States*. The publisher primarily developes software that can be classified as adware. Thre are 15 additional code signing certificates issued to this publisher.
Authority:
COMODO CA Limited

Valid from:
8/25/2014 7:00:00 PM

Valid to:
8/26/2015 6:59:59 PM

Subject:
CN=OpenCandy, O=OpenCandy, STREET="510 Market St #301", L=San Diego, S=CA, PostalCode=92101, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
132982a2fbdc37fcdc8d57346010bc5f

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OpenCandy.G, PUP.Installer.OpenCandy.K, PUP.OpenCandy.CC, Threat.Win.Reputation.IMP, PUP.OpenCandy.F, PUP.OpenCandy.Installer, PUP.OpenCandy (M)
100.00%

Dr.Web
Adware.OpenCandy.15, Adware.OpenCandy.55, Adware.OpenCandy.56, Adware.OpenCandy.73, DLOADER.Trojan, Adware.OpenCandy.147
61.29%

AVG
OpenCandy
61.29%

ESET NOD32
Win32/OpenCandy (variant), Win32/OpenCandy.C potentially unsafe (variant), Win32/OpenCandy.E potentially unsafe (variant)
48.39%

Baidu Antivirus
Adware.Win32.OpenCandy
38.71%

AhnLab V3 Security
PUP/Win32.OpenCandy
38.71%

G Data
Win32.Application.OpenCandy, Win32.Adware.OpenCandy
35.48%

Malwarebytes
PUP.Optional.OpenCandy
35.48%

Panda Antivirus
PUP/OpenCandy
29.03%

Fortinet FortiGate
Riskware/OpenCandy
25.81%

1 / 68      (PUP)
ocsetuphlp.dll (Rec Helper by OpenCandy)  (f0264f9145e625aa1d8107cfdb86f68b)

1 / 68      (PUP)
dh223.exe (Installation helper by OpenCandy)  (822a6199dd622a39c0919856e75466b4)

1 / 68      (PUP)
dh210.exe (Installation helper by OpenCandy)  (5898cc53df6738544ada8df01d5c0d1c)

1 / 68      (PUP)
dh225.exe (Installation helper by OpenCandy)  (ed245a327ac16bc175c0cba1d3b24b21)

10 / 68    (PUP)
dh219.exe (Installation helper by OpenCandy)  (a1ed5ae153a1fa14a6d944d562787998)

7 / 68      (PUP)
ocsetuphlp.dll (Rec Plugin by OpenCandy)  (e683e57128d39e0eea018a2f3551b4b6)

6 / 68      (PUP)
dh145a.exe (Installation helper by OpenCandy)  (ecd48be41443d44a19ab6a3df40aabb5)

6 / 68      (PUP)
dh143a.exe (Installation helper by OpenCandy)  (6a72d91d2d6b375f64bd19cf20beb71d)

9 / 68      (PUP)
ocsetuphlp.dll (Rec Plugin by OpenCandy)  (1a448bae34400dcbf2e15f5cfca1e68e)

8 / 68      (PUP)
dh134a.exe (Installation helper by OpenCandy)  (6880eb48dd8b7db733ff08dc23b8db6b)

6 / 68      (PUP)
ocsetuphlp.dll (Rec Plugin by OpenCandy)  (df64bcbcd08a43c74478207ea17ccc44)

3 / 68      (PUP)
dh133a.exe (Installation helper by OpenCandy)  (3a92e820ab28550dafee8c88e4b9e342)

2 / 68      (PUP)
setup_entrustedbrowser.exe  (cc2bd5d5a09e79cacab69dbddab97a82)

4 / 68      (PUP)
dh117a.exe (Installation helper by OpenCandy)  (f61adbe87b6f48b63c0f6c8dfdff2ebc)

4 / 68      (PUP)
dh119a.exe (Installation helper by OpenCandy)  (af2596c84248539fba4928a0670d2df5)

4 / 68      (PUP)
du109a.exe (Installation helper by OpenCandy)  (d1fed4a17784bdfe75b3b2101543f062)

3 / 68      (PUP)
du115a.exe (Installation helper by OpenCandy)  (1c3048bbca125535030adbc523b5c6ad)

9 / 68      (PUP)
ocsetuphlp.dll (Rec Plugin by OpenCandy)  (a55524695d86fb98f521da1e6b901b6b)

13 / 68    (PUP)
du105a.exe (Installation helper by OpenCandy)  (c284af024717651cf1d2aab03c1340a6)

15 / 68    (PUP)
du109a.exe (Installation helper by OpenCandy)  (6b4fc445cac77bb6d079d35bc9518eec)

12 / 68    (PUP)
du90a.exe (Installation helper by OpenCandy)  (c230c4d420b1f29a4d872e5bdcbd8c23)

11 / 68    (PUP)
du77a.exe (Installation helper by OpenCandy)  (cfacaa0717d2b332f8dcf1e77c28ae53)

2 / 68      (PUP)
du73a.exe (Installation helper by OpenCandy)  (5084119b136a9ab97fa111778a1f7e73)

5 / 68      (PUP)
du339a.exe (Installation helper by OpenCandy)  (5547b04931425cce09d18e96a86b2dbf)

6 / 68      (PUP)
du335a.exe (Installation helper by OpenCandy)  (df7d320e8a3786871bb17d2871ceedd2)

10 / 68    (PUP)
du330a.exe (Installation helper by OpenCandy)  (94413fcb609d44c902c5927040fe8a90)

10 / 68    (PUP)
dm325a.exe (Installation helper by OpenCandy)  (3a927857f716f3ba9d73a0886a30e22b)

5 / 68      (PUP)
ocsetuphlp.dll (Rec Helper by OpenCandy)  (44908cb59513700bfb6db05be0252c80)

6 / 68      (PUP)
$rrur6xm.quarantine.quarantine (Rec Helper by OpenCandy)  (b87cf15b651b912813f84b29a92deba9)

6 / 68      (PUP)
ocsetuphlp.dll (Rec Helper by OpenCandy)  (c9853216b3eccb63f83c4b88af71f9b6)

 
Latest 30 of 31 files

The certificates below are also signed by OpenCandy.

1E9E68F089EA94C394F7ABDE43771620  (Jul 30, 2015 to Jul 28, 2016)

455D3F0BDDD2A1EDC4093B2F6B7C5EF6  (Aug 26, 2014 to Aug 27, 2015)

1A4DE208E2EAA73D520698E2D08C7D3D  (Aug 26, 2014 to Aug 27, 2015)

00D8969D7474F2E05D880A6058A425B9A3  (Aug 26, 2014 to Aug 27, 2015)

59AACE402387A76F641AEB61B78F5E5E  (Aug 26, 2014 to Aug 27, 2015)

008C39E02810FFAD0BE835267C2DF1EB91  (Aug 26, 2014 to Aug 27, 2015)

00968F75DEF14B8896984D3B88276AFA95  (Aug 26, 2014 to Aug 27, 2015)

7B224CA971E41AF3F000BE4B05FC833A  (Aug 26, 2014 to Aug 27, 2015)

00E9AA9CF62D76917409F82A1BEA2A62ED  (Aug 26, 2014 to Aug 27, 2015)

5AA7E515112EAEB906A3ABD37394DAD6  (Aug 26, 2014 to Aug 27, 2015)

10 of 15 code signing certificates issued

The following publishers (by Authenticode signature organization name) are related.

OpenCandy Inc

OpenCandy Inc.

* Note, the details and description above are based on the code signing digital signature issued to OpenCandy by COMODO CA Limited on August 25, 2014 with the serial number '132982a2fbdc37fcdc8d57346010bc5f'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.