OpenCandy ads (Removal Guide) - Oct 2020 update

OpenCandy ads Removal Guide

What is OpenCandy ads?

OpenCandy is an application that injects computers with unwanted programs

OpenCandy virusOpenCandy unwanted program may install browser hijackers, toolbars, extensions, etc.

Adware OpenCandy is a dubious application created by SweetLabs which infiltrates machines with other unwanted software, including browser hijackers,[1] browser add-ons or toolbars, other adware programs, system optimizers, questionable security software, etc. Adware comes bundled together with most popular Windows programs, such as uTorrent, Flvto YouTube Downloader, Freemake Video Converter, and many others. The suspicious app also spies on users by gathering a certain type of information without their knowledge and sends it out to third-parties for marketing purposes.

Unlike many other adware apps that are easy to get rid of, OpenCandy acts more like a virus during the installation – it forcefully changes DNS settings, appends local proxy, modifies boot configuration data, stops Windows updates. injects processes into system, etc. With the help of these modifications, it is capable of hijacking Google Chrome, Mozilla Firefox, MS Edge, or another browser, redirect traffic, inject ads, and render a Windows computer vulnerable[2] to cyber attacks.

Due to its deceptive distribution, operation and persistence techniques, OpenCandy is detected by multiple security vendors under the following names: PUA:Win32/CandyOpen, OpenCandy (PUA), PotentialRisk.PUA/OpenCandy.Gen, A Variant Of Win32/OpenCandy.A Potentially Unsafe, Adware.OpenCandy.137, Win32:OpenCandy-D [PUP], and others.[3]

SUMMARY
Name OpenCandy
Type Adware
Developed by SweetLabs
First seen 29.11.2010
Processes spidentifier.exe and rundll32.exe
Distribution Software bundling, deceptive ads, fake update prompts
Symptoms Changed homepage, extra apps installed without consent, advertisements, redirects, etc.
Elimination You can delete potentially unwanted programs manually, although not all elements might be deleted this way – you should employ anti-malware and use it to delete PUPs automatically instead
System fix PUA:Win32/CandyOpen performs a variety of unwanted changes on the system – these might not be reverted/fixed by security software. Thus, we recommend using FortectIntego for the purpose

OpenCandy can change startup page by modifying Google Chrome, Internet Explorer, Mozilla Firefox, Safari or other browser's settings, install additional components without permission (such as Pokki), which can ultimately lead to intrusive advertisement and rerouting practices. It is not a secret that adware dramatically diminishes web surfing experience and is never welcomed on any PC. Nevertheless, the app enters machines legally, as users technically (although most likely unintentionally) accept the installation.

Open Candy is a Windows executable file which was first noticed in November 2010. The software module consists of a Microsoft Windows library, that can be hidden in any Windows installer. The Task Manager usually shows the following processes running: spidentifier.exe and rundll32.exe, although other processes used by unintentionally installed programs may run as well. Users should remove OpenCandy virus to stop these processes, as well as prevent the infiltration of additional unwanted programs.

PUA:Win32/CandyOpen also modifies Windows registry to launch with every system boot for persistence reasons. As a result, users who want to uninstall the app from their systems might not be able to. Additionally, possibly the most dangerous trait of this adware is that it prevents Windows from automatically download system updates and disables User Account Control – both of these features are used for security and cyberattack prevention.

PUA:Win32/CandyOpen detectionMany Windows Defenders users spotted that PUA:Win32/CandyOpen is still active years after its release

Some of the applications that distribute OpenCandy adware are well-known and reputable. One might ask why respected developers would include such dubious app in their installers? The answer is quite simple – revenue. Software development often costs a lot of money and authors simply want to gain extra cash by bundling unwanted programs. It has been publicized minimally before, and developers do not like to speak about it. Nevertheless, it is slowly coming to light: we all know that Java popularized the notorious Ask toolbar, which is now considered malware by Microsoft.[4]

Be careful when installing one of these applications, as they might include Open Candy bundled:

  • DivX
  • Avast Antivirus Free
  • FileZilla
  • uTorrent
  • PDFCreator
  • mIRC, etc.

As we already mentioned, OpenCandy is adware program which seeks to gain monetary benefit by injecting additional programs into as many users' PCs as possible. Every install results in revenue, therefore, it is the biggest developers' interest. Ultimately, installed programs clutter and bloat the system, resulting in a frustrating experience for users. Thus, even though it might seem like some programs are “free” – they are not.

To further increase the benefit for themselves, Open Candy creators gather data about users' browsing activities and share it with third parties. This is widely practiced across many platforms; however, it is done without users' consent, which is highly controversial practice.

Adware programs do not bring any benefit and only flood the PC with unnecessary software. Thus, we suggest performing OpenCandy removal as soon as possible. The easiest way to terminate potentially unwanted apps along with the invisible malware is to scan the device with SpyHunter 5Combo Cleaner, Malwarebytes, or other reputable security software. In case the anti-virus does not fix the changes made by the infection, we recommend using FortectIntego as an automatic solution.

OpenCandy unwanted programOpenCandy is a questionable application which may install additional unwanted apps without users' consent

Adware slips in into machines undetected due to software bundling

Seemingly, unwanted apps may show up entirely out of nowhere. It is not true, however, and you did give your permission to install these applications (even without noticing it). Next, Next, Next, Next… done! That is what most people do during the installation of software. Do we need to mention Term and Conditions? Nobody reads that. Right? Well, it is a bad practice, as these documents can provide vital information on what you agree to.

Unfortunately, not many of us do that, as we all want to be done with the installation as soon as possible. It is a wrong way to approach it, as this behavior can compromise your virtual safety and computer security. Thus, be attentive and do not rush. Carefully look at each of the installation steps, and always pick Advanced settings when prompted. Then, eliminate all the pre-ticked components before the process is complete. Naturally, Recommended or Quick method should be avoided at all times – it might hinder the option to opt out of unwanted programs.

OpenCandy PUPOpenCandy can offer a variety of toolbars and other apps, although most of them are useless and simply clutter the browser

Best strategies to remove OpenCandy virus from the infected computer

Technically, OpenCandy virus belongs to the category of potentially unwanted programs and is, mostly, harmless. However, security experts[5] note that it may also cause a bunch of various inconveniences during your browsing sessions, such as system slowdowns, suspicious redirects, the appearance of annoying advertisements and so on.

If you want to prevent all that, we recommend you remove OpenCandy right away. For that, you can either follow a guide provided below and get rid of this adware manually or install one of the anti-spyware programs to perform automatic elimination on your computer. In fact, we highly recommend you to select automatic OpenCandy removal option to make sure that every component related to this adware is gone.

Additionally, since PUA:Win32/CandyOpen also modifies the DNS settings, you should ensure that you reset them to default. Here's how to do that:

  • Right-click on Start and select Settings
  • Go to Network & Internet and select Ethernet on the left
  • On the right, pick Change adapter options
  • Right-click on your connection and select Properties
  • Select Internet Protocol Version 4 (TCP/IPv4) and pick Properties
  • Check Obtain DNS server automatically and click OK.

After the app is gone, ensure that you check for the latest Windows updates via the settings panel and install them as required.

You may remove virus damage with a help of FortectIntego. SpyHunter 5Combo Cleaner and Malwarebytes are recommended to detect potentially unwanted programs and viruses with all their files and registry entries that are related to them.

Offer
do it now!
Download
Fortect Happiness
Guarantee
Download
Intego Happiness
Guarantee
Compatible with Microsoft Windows Compatible with macOS
What to do if failed?
If you failed to fix virus damage using Fortect Intego, submit a question to our support team and provide as much details as possible.
Fortect Intego has a free limited scanner. Fortect Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Fortect, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

Getting rid of OpenCandy ads. Follow these steps

Uninstall from Windows

To delete OpenCandy adware from Windows OS, follow these steps:

  1. Click Start Control Panel Programs and Features (if you are Windows XP user, click on Add/Remove Programs). Click 'Start -> Control Panel -> Programs and Features' (if you are 'Windows XP' user, click on 'Add/Remove Programs').
  2. If you are Windows 10 / Windows 8 user, then right-click in the lower left corner of the screen. Once Quick Access Menu shows up, select Control Panel and Uninstall a Program. If you are 'Windows 10 / Windows 8' user, then right-click in the lower left corner of the screen. Once 'Quick Access Menu' shows up, select 'Control Panel' and 'Uninstall a Program'.
  3. Uninstall OpenCandy and related programs
    Here, look for OpenCandy or any other recently installed suspicious programs.
  4. Uninstall them and click OK to save these changes. Right click on each of suspicious entries and select 'Uninstall'

Delete from macOS

If you want to get rid of the PUP from Mac, follow these instructions:

  1. If you are using OS X, click Go button at the top left of the screen and select Applications. Cick 'Go' and select 'Applications'
  2. Wait until you see Applications folder and look for OpenCandy or any other suspicious programs on it. Now right click on every of such entries and select Move to Trash. Click on every malicious entry and select 'Move to Trash'

Remove from Microsoft Edge

Delete unwanted extensions from MS Edge:

  1. Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
  2. From the list, pick the extension and click on the Gear icon.
  3. Click Remove. Remove extensions from Edge

Clear cookies and other browser data:

  1. Click on the Menu (three horizontal dots at the top-right of the browser window) and select Settings > Privacy, search, and services..
  2. Under Clear browsing data, pick Choose what to clear.
  3. Select Cookies and other site data and Cached images and files. (apart from passwords, although you might want to include Media licenses as well, if applicable) and click on Clear. Clear Edge browsing data

Restore new tab and homepage settings:

  1. Click the menu icon and choose Settings.
  2. Then find On startup section.
  3. Click Remove next to any suspicious startup page.

Reset MS Edge if the above steps did not work:

  1. Press on Ctrl + Shift + Esc to open Task Manager.
  2. Click on More details arrow at the bottom of the window.
  3. Select Details tab.
  4. Now scroll down and locate every entry with Microsoft Edge name in it. Right-click on each of them and select End Task to stop MS Edge from running. Reset MS Edge

Instructions for Chromium-based Edge

Delete extensions from MS Edge (Chromium):

  1. Open Edge and click select Settings > Extensions.
  2. Delete unwanted extensions by clicking Remove. Remove extensions from Chromium Edge

Clear cache and site data:

  1. Click on Menu and go to Settings.
  2. Select Privacy, search and services.
  3. Under Clear browsing data, pick Choose what to clear.
  4. Under Time range, pick All time.
  5. Select Clear now. Clear browser data from Chroum Edge

Reset Chromium-based MS Edge:

  1. Click on Menu and select Settings.
  2. On the left side, pick Reset settings.
  3. Select Restore settings to their default values.
  4. Confirm with Reset.
  5. This will disable extensions and reset startup pages but will not delete bookmarks, saved passwords, or browsing history. Reset Chromium Edge

Remove from Mozilla Firefox (FF)

Remove dangerous extensions:

  1. Open Mozilla Firefox browser and click on the Menu (three horizontal lines at the top-right of the window).
  2. Select Add-ons.
  3. In here, select the unwanted extension and click Remove. Remove extensions from Firefox

Reset the homepage:

  1. Click three horizontal lines at the top right corner to open the menu.
  2. Choose Settings.
  3. Under Home, set your preferred homepage and new tab settings.

Clear cookies and site data:

  1. Click Menu and pick Settings.
  2. Go to Privacy & Security section.
  3. Scroll down to locate Cookies and Site Data.
  4. Click on Clear Data…
  5. Select Cookies and Site Data and Temporary cached files and pages, then click Clear. Clear cookies and site data from Firefox

Reset Mozilla Firefox

If clearing the browser as explained above did not help, reset Mozilla Firefox:

  1. Open Mozilla Firefox browser and click the Menu.
  2. Go to Help and then choose Troubleshooting Information. Reset Firefox 1
  3. Under Give Firefox a tune up section, click on Refresh Firefox…
  4. Once the pop-up shows up, confirm the action by pressing on Refresh Firefox. Reset Firefox 2

Remove from Google Chrome

You have to manually reset Google Chrome after uninstallation of the PUP is complete:

Delete malicious extensions from Google Chrome:

  1. Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
  2. In the newly opened window, you will see all the installed extensions. Uninstall all suspicious extensions related to the unwanted program by clicking Remove. Remove extensions from Chrome

Clear cache and web data from Chrome:

  1. Click on Menu and pick Settings.
  2. Under Privacy and security, select Clear browsing data.
  3. Select Browsing history, Cookies and other site data, as well as Cached images and files.
  4. Click Clear data. Clear cache and web data from Chrome

Change your homepage:

  1. Click menu and choose Settings.
  2. Look for a suspicious site in the On startup section.
  3. Click on Open a specific or set of pages and click on three dots to find the Remove option.

Reset Google Chrome:

If the previous methods did not help you, reset Google Chrome to eliminate all the unwanted components:

  1. Click on Menu and select Settings.
  2. In the Settings, scroll down and click Advanced.
  3. Scroll down and locate Reset and clean up section.
  4. Now click Restore settings to their original defaults.
  5. Confirm with Reset settings. Reset Chrome 2

Delete from Safari

  1. Remove dangerous extensions
    Open Safari web browser and click on Safari in menu at the top left of the screen. Once you do this, select Preferences. Click on 'Safari' and select 'Preferences'
  2. Here, select Extensions and look for OpenCandy or other suspicious entries. Click on the Uninstall button to get rid each of them. Go to 'Extensions' and uninstall malicious add-ons
  3. Reset Safari
    Open Safari browser and click on Safari in menu section at the top left of the screen. Here, select Reset Safari.... Click on 'Safari' and select 'Reset Safari...'
  4. Now you will see a detailed dialog window filled with reset options. All of those options are usually checked, but you can specify which of them you want to reset. Click the Reset button to complete OpenCandy removal process. Select all options and click on 'Reset' button

After uninstalling this potentially unwanted program (PUP) and fixing each of your web browsers, we recommend you to scan your PC system with a reputable anti-spyware. This will help you to get rid of OpenCandy registry traces and will also identify related parasites or possible malware infections on your computer. For that you can use our top-rated malware remover: FortectIntego, SpyHunter 5Combo Cleaner or Malwarebytes.

How to prevent from getting adware

Do not let government spy on you

The government has many issues in regards to tracking users' data and spying on citizens, so you should take this into consideration and learn more about shady information gathering practices. Avoid any unwanted government tracking or spying by going totally anonymous on the internet. 

You can choose a different location when you go online and access any material you want without particular content restrictions. You can easily enjoy internet connection without any risks of being hacked by using Private Internet Access VPN.

Control the information that can be accessed by government any other unwanted party and surf online without being spied on. Even if you are not involved in illegal activities or trust your selection of services, platforms, be suspicious for your own security and take precautionary measures by using the VPN service.

Backup files for the later use, in case of the malware attack

Computer users can suffer from data losses due to cyber infections or their own faulty doings. Ransomware can encrypt and hold files hostage, while unforeseen power cuts might cause a loss of important documents. If you have proper up-to-date backups, you can easily recover after such an incident and get back to work. It is also equally important to update backups on a regular basis so that the newest information remains intact – you can set this process to be performed automatically.

When you have the previous version of every important document or project you can avoid frustration and breakdowns. It comes in handy when malware strikes out of nowhere. Use Data Recovery Pro for the data restoration process.

About the author
Jake Doevan
Jake Doevan - Computer technology expert

If this free guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Jake Doevan
About the company Esolutions

References
Removal guides in other languages