My McAfee Internet Security said I had a virus - Adware-OpenCandy.dll - which was dully quarantined.
- I can't find information about this virus (what is it ? origin ? malignancy ? etc)
- I searched my Windows registry, and there is still one Adware-OpenCandy.dll entry at:
whose values are:
url1 REG_SZ Adware-OpenCandy.dll
So I feel quite lost - shall I remove this entry ? Am I in great danger ?
Not a virus, just pesky Adware. I find 14,400 mentions on the Web.
Adware:Win32/OpenCandy is an adware program that may be bundled with certain third-party software installation programs. Some versions of this program may send user-specific information, including a unique machine code, operating system information, locale (country), and certain other information to a remote server without obtaining adequate user consent.
Adware-OpenCandy.dll is a low-risk Adware library called OCSetupHlp.dll that is bundled with several third-party installers and placed in a temporary folder on the user's system. The ditially-signed library obtains and transmits certain non-personally-identifiable information to OpenCandy servers in order to deliver additional, unrelated installs to the user. The actions occur without user knowledge or consent and the library is usually deleted once the host installation is complete although it is sometimes left behind under certain installation scenarios. Some installers show an OpenCandy End User License Agreement after the data transmission has occurred. The additional software supplied by the use of the OpenCandy library can help offset the cost of the host software to the user.
If it's quarantined, just delete it. You don't need it and probably don't want it.
Thank you very much for your precious assistance.
So I guess I will not burst my PC suppressing Adware-Candy.dll entry from Windows registries.
We use a tool in our company called primopdf, its a free for companies to use pdf creator. However, it uses the opencandy aspect (to keep it free). I am not trying to sell the product by anymeans, just giving it as an example as to where it shows up.
also from their site:
I'm trying to figure out how to add it to the "safe" list, which is how i landed here.
Deleted domain\Admin C:\Windows\system32\Robocopy.exe D:\Apps\PDF\Old Primo\PrimoPDF126.96.36.199\FreewarePrimoPDF.exe\47.nsis Adware-OpenCandy.dll (Adware)
Adware-OpenCandy is a Potentially Unwanted Program detection (PUP). In order to avoid detection, you can add an exclusion for it. Since you don't mention which product you are using, this article should help with the exclusion process.
Hope this helps.