How to remove OCSetupHlp.dll
- File Details
- Overview
- Analysis
OCSetupHlp.dll
The module OCSetupHlp.dll has been detected as PUP.OpenCandy
File Details
| Product Name: |
|
| Company Name: |
|
| MD5: |
c44ca18deea6bde5260537bad5bb9a2f |
| Size: |
754 KB |
| First Published: |
2017-06-10 21:06:09 (6 years ago) |
| Latest Published: |
2022-02-26 23:11:10 (2 years ago) |
| Status: |
PUP.OpenCandy (on last analysis) |
|
| Analysis Date: |
2022-02-26 23:11:10 (2 years ago) |
Overview
| Signed By: |
OpenCandy Inc. |
| Status: |
Invalid (digital signature could be stolen or file could be patched) |
| %localappdata%\microsoft\windows\temporary internet files\content.ie5\dt06rayj\stubinst_pkg_es-mx[1].cab\inst_config |
| %appdata%\real\update\upgradehelper\realplayer\10.50\agent\stub_data\stubinst_pkg_en-us.cab\inst_config |
| %desktop%\bkp ciop 2017\administrador\configurações locais\temporary internet files\content.ie5\hl7ypc2r\stubinst_pkg_en-eu[1].cab\inst_config |
| %sysdrive%\windows.old\users\guilherme\appdata\roaming\real\update\upgradehelper\realplayer\10.50\agent\stub_data\stubinst_pkg_br.cab\inst_config |
| %sysdrive%\joao\appdata\local\temp\rninst~0\ui_data |
| %sysdrive%\joao\appdata\local\temp\rninst~2\ui_data |
| %sysdrive%\joao\appdata\local\temp\rninst~1\ui_data |
| %appdata%\real\update\upgradehelper\realplayer\10.50\agent\stub_data\stubinst_pkg_en-us.cab |
| %desktop%\old computer back-up\liu sum yin\appdata\local\microsoft\windows\temporary internet files\content.ie5\90zchdpr\stubinst_pkg_tw[1].cab |
| %sysdrive%\$recycle.bin\$r7ti2gc\appdata\local\microsoft\windows\temporary internet files\content.ie5\90zchdpr\stubinst_pkg_tw[1].cab |
|
27.0% |
|
|
16.9% |
|
|
10.1% |
|
|
9.0% |
|
|
7.9% |
|
|
5.6% |
|
|
5.6% |
|
|
3.4% |
|
|
2.2% |
|
|
2.2% |
|
|
2.2% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
|
1.1% |
|
| Windows 10 |
53.9% |
|
| Windows 7 |
29.2% |
|
| Windows 8 |
5.6% |
|
| Windows Server 2008 R2 |
5.6% |
|
| Windows 8.1 |
3.4% |
|
| Windows XP |
1.1% |
|
| Windows Vista |
1.1% |
|
Analysis
| Subsystem: |
Windows GUI |
| PE Type: |
pe |
| OS Bitness: |
32 |
| Image Base: |
0x10000000 |
| Entry Address: |
0x0005d230 |
| Name |
Size of data |
MD5 |
| .text |
520704 |
a6dd52343012912f8c7cf452c1428b22 |
| .rdata |
164352 |
aacd25dc480dbfeee153cd6095b1c4f8 |
| .data |
9216 |
18bdf6b290b3840f929ee8a5fd68de1b |
| .rsrc |
39424 |
399fa8910a73dcdc6c7767b6ec7bdd82 |
| .reloc |
31744 |
0d72b354b017d356ed749f81da4a4371 |
