What is OpenCandy? And how does it work?
OpenCandy is a dubious program that’s been classified as an adware and a potentially unwanted program by security researchers. It is created by SweetLabs and is designed to work on various browsers like Mozilla Firefox, Google Chrome, Internet Explorer, and more.
OpenCandy is actually a Windows executable file which was first noticed way back in November 2010. Up until now, this ad-supported program is still present on the internet and is distributed via software bundles. The software module of this program contains a Microsoft Windows library that can be hidden under any Windows installer. When you install this program, if you open the Task Manager, you will see certain processes, namely, spidentifier.exe and rundll32.exe – both of which are the process of OpenCandy.
Upon installation of OpenCandy, apart from the aforementioned processes, you will also notice additional components in your affected browsers which can lead to the sudden appearance of intrusive advertisements whenever you browse the internet. What’s more is that it also spies on your every online activity so it can harvest a couple of information which includes your browsing history, websites you visit often, ads you’ve clicked, search queries and more. The harvested information will then be used and even shared with third parties to deliver more sponsored content. You should be careful as some of these sponsored contents could redirect you to shady websites such as websites offering free software downloads, websites that urges you to participate in an online survey requiring your personal information and even websites that displays a scary alert telling you that your computer is infected with some malware and asks you to call some fake tech support number. If you happen to be rerouted to such sites, you must close your browser right away to prevent any potential security risks.
How is OpenCandy distributed over the web?
Like the most ad-supported program, OpenCandy is distributed via software bundles that are found on free sharing sites. It is added as one of the extra components in a free software package that also gets installed when you only use the quick or standard setup during the installation. To prevent unwanted programs from getting installed without your permission, you must always use the Advanced or Custom setup every time you install a free software package.
Refer to the instructions prepared below to get rid of OpenCandy from your computer.
Step 1: Start by opening the Task Manager by simply pressing the Ctrl + Shift + Esc keys.
Step 2: Next, go to Processes and look for the processes named spidentifier.exe and rundll32.exe then right click on each one of them and select End Process or End Task to kill their processes.
Step 3: Then open the Control Panel. To do so, tap the Windows key + R, then type in appwiz.cpl and then click OK or press Enter.
Step 4: Look for OpenCandy and any suspicious program and then Uninstall them.
Step 5: Close all the browsers affected by OpenCandy. If you’re having a hard time closing them, you can close them using the Task Manager just tap on Ctrl + Shift + Esc.
Step 6: After you open the Task Manager, go to the Processes tab and look for the infected browser’s process and end it.
Step 7: Edit your Hosts File
- Tap the Win + R keys to open then type in %WinDir% and then click OK.
- Go to System32/drivers/etc.
- Open the host’s file using Notepad.
- Delete all the entries containing OpenCandy.
- After that, save the changes you’ve made and close the file.
Step 8: Reset all your browsers to default to their default state.
Google Chrome
- Launch Google Chrome, press Alt + F, move to More tools, and click Extensions.
- Look for OpenCandy or any other unwanted add-ons, click the Recycle Bin button, and choose Remove.
- Restart Google Chrome, then tap Alt + F, and select Settings.
- Navigate to the On Startup section at the bottom.
- Select “Open a specific page or set of pages”.
- Click the More actions button next to the hijacker and click Remove.
Mozilla Firefox
- Open the browser and tap Ctrl + Shift + A to access the Add-ons Manager.
- In the Extensions menu Remove the unwanted extension.
- Restart the browser and tap keys Alt + T.
- Select Options and then move to the General menu.
- Overwrite the URL in the Home Page section and then restart the browser.
Internet Explorer
- Launch Internet Explorer.
- Tap Alt + T and select Internet options.
- Click the General tab and then overwrite the URL under the homepage section.
- Click OK to save the changes.
Step 9: Hold down Windows + E keys simultaneously to open File Explorer.
Step 10: Navigate to the following directories and look for suspicious files associated to OpenCandy and delete it/them.
- %USERPROFILE%\Downloads
- %USERPROFILE%\Desktop
- %TEMP%
Step 11: Close the File Explorer.
Step 12: Empty the Recycle Bin.
Follow the advanced instructions below to ensure the removal of OpenCandy using [product-name] as well as all the file residues it left behind.
Perform a full system scan using [product-code]. To do so, follow these steps:
- Turn on your computer. If it’s already on, you have to reboot
- After that, the BIOS screen will be displayed, but if Windows pops up instead, reboot your computer and try again. Once you’re on the BIOS screen, repeat pressing F8, by doing so the Advanced Option shows up.
- To navigate the Advanced Option use the arrow keys and select Safe Mode with Networking then hit
- Windows will now load the SafeMode with Networking.
- Press and hold both R key and Windows key.
- If done correctly, the Windows Run Box will show up.
- Type in the URL address, [product-url] in the Run dialog box and then tap Enter or click OK.
- After that, it will download the program. Wait for the download to finish and then open the launcher to install the program.
- Once the installation process is completed, run [product-code] to perform a full system scan.
- After the scan is completed click the “Fix, Clean & Optimize Now”button.