OpenCandy: The Reason You Should Never Just Click “Next”

Justin Pot 23-03-2015

Open the installer; click next; click next; click next; read nothing.


Is that how you install Windows software? If so, you’ve probably put more than a few programs on your computer without realizing it. And OpenCandy helped that happen.

That’s right: you’re not insane. OpenCandy is likely the reason your default search engine changed, or the antivirus trial you don’t remember getting expired. You might even be mining LiteCoins without realizing it The uTorrent Mining Scandal: Charity or Cash Grab? Is µTorrent distributing Litecoin mining malware? Read More , all because you didn’t pay attention while installing something.

Why do so many of the people behind the best Windows software The Best PC Software for Your Windows Computer Want the best PC software for your Windows computer? Our massive list collects the best and safest programs for all needs. Read More do this? In a word: money. Developing software takes time, and many users would rather not pay – bundled crapware is a solution. If an installer changes your default search engine, the software’s creator gets a cut of the ad revenue – same if you end up paying for that anti-virus software that installed without you noticing.

There’s lots of ways to do this, but many developers work with a company called OpenCandy. They’ll never say so publicly, but they’re counting on you not paying attention while you install software so they – and the people behind your favourite free apps – can make a buck.

What is OpenCandy? A Brief History

Remember Divx?



Yeah, those guys. They made a video player that was really popular back in the early 21st century. CEO Darrius Thompson started bundling the Yahoo Toolbar 4 Annoying Browser Toolbars and How to Get Rid of Them Browser toolbars just don't seem to go away. Let's look at some common nuisances and detail how to remove them. Read More in the installer sometime in 2008, and the results were dramatic: Divx earned $15.7 million from the toolbar in the first nine months they offered it.

OpenCandy was built around this same technology, and today pitches itself to developers as a way to monetize free app downloads.



Everyone wins, right? Well, everyone but the user who ends up with software they don’t want.

(Interesting tidbit: OpenCandy is also behind the Windows 8 start menu replacement Pokki Pokki Brings The Start Menu Back To Windows 8 (And Apps To The Desktop Mode) Bring back the start menu in Windows 8 – and then some. Pokki is a simple app for re-adding the start menu to Windows 8, but that's not all it does: it also gives you... Read More – naturally, the installer includes OpenCandy offers.)

Taking Advantage of Your Laziness

Let’s look at a prominent example: µTorrent. This was once a great portable torrent client, meaning it didn’t require an installer. This changed after BitTorrent, Inc took over development, likely so that things like this could be inserted in the installer:



It looks like a standard EULA, but read it and you’ll quickly notice this has nothing to do with µTorrent. Click “Accept” – deliberately placed right where the “Next” button is during every other step of the installation – and your default search engine will change. OpenCandy and BitTorrent, Inc will both get a cut of the revenue.

But that’s not enough – decline this offer and you’ll see another.


Yep, Microsoft is paying to trick you into installing Skype. Note how the “I do not accept” button is greyed out, so you think declining isn’t even an option (it is).


In review: OpenCandy relies on you being lazy during installation, and will do things like change your default search engine or install software you didn’t ask for.

Is OpenCandy Malware?


In 2011 Microsoft’s anti-malware software started identifying OpenCandy as a piece of malware. It doesn’t anymore, but some anti-malware programs still occasionally recognize OpenCandy as a threat.

Whether OpenCandy is actually malware or not is the subject of some debate. Like malware it’s generally unwanted, and can make changes to the system almost all users would rather avoid. Unlike malware, however, it technically asks for your permission before installing (though it’s worth repeating that many users don’t notice being asked).

The debate will surely continue, with users being annoyed and OpenCandy insisting everything they do is above board (which, strictly speaking, it is).

Which Programs Come With OpenCandy?

OpenCandy seems to come and go from installers, and there’s no official list of software that includes it. The Wikipedia article about OpenCandy has a list, though, and it includes the following programs:

  • CDBurnerXP
  • CutePDF
  • Foxit Reader
  • Miro
  • PeaZip
  • µTorrent

All of these were apps we, as a site, have recommended at one point or another – something we feel conflicted about.

How Can I Avoid OpenCandy Completely?


Would you rather avoid such shenanigans? That makes sense. There are a few quick ways to do this:

These all work, but if you want to avoid OpenCandy altogether it’s best to block “*” completely by editing your hosts file What Is the Windows Host File? And 6 Surprising Ways to Use It The Windows Hosts file allows you to define which domain names (websites) are linked to which IP addresses. It takes precedence over your DNS servers, so your DNS servers may say is linked to... Read More .

Free as in Not Actually Free


OpenCandy gives the people who make free software a way to make money, but arguably does so by tricking users into installing software they don’t want. We want to know: do you think this is okay? Or is it a violation of trust? Let’s talk about the ethics of this in the comments below.

Related topics: Anti-Malware, Online Security.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Eds
    October 18, 2018 at 12:46 am

    Any video Convert is a great program, but it does things during the initial install such as install open candy. The newest one tries to connect to and send out your system info to various parties.

  2. mike
    November 27, 2017 at 1:16 pm

    if they have to trick you it is definitely malware

  3. DesertRider
    July 3, 2017 at 12:14 am

    Its got to the point where I go to the torrent sites for clean software. If its from an uploader I trust, I will take that over the authors site and the bundled crapware. It seems that upon careful inspection one can usually get around the crapware, but I have (well, for now) good eyesight. The elderly, or visually impaired fall victim all the time, and if they are not lucky enough to have a family member to help, then it costs them a lot of money. Its a sad state of affairs when I prefer the torrents sites to the authors site.
    Although, if someone like, say the author of ImgBurn, where to net even 'just a few million' from a bundled installer, I would give a big cheer to someone that would be so deserving of the money for their outstanding donation of free software. If only one of the 'little guys' could be so lucky, right eh?
    Lets all be greatful for TDSS Killer, Malwarebytes, RogueKiller, AdwCleaner, Defender, and Combofix to name a few (those are the ones I use as needed).

  4. DesertRider
    July 2, 2017 at 11:46 pm

    A lot of you out there will think I must be crazy, but I oftentimes go straight to the torrent sites for my free software and see if a uploader I trust has a good maybe even improved version available.. I dont have to search the page for the correct 'Download Now' button to click, and oftentimes it downloads faster. But mainly, just to avoid the crapware. There is that one in a million download that might have a real whopper of a piece of crapware (virus, etc) bundled in (when downloading from a torrent site) and I realize the risk. But, its sad when the authors site will definitely be bundled with crapware and some of it is harder to remove than a virus. I am eternally greatful for ADWCleaner, Malwarebytes, TDSS, and Combofix. They fix everything Defender lets in.

  5. Simon Spencer
    June 11, 2016 at 10:14 am

    Unfortunately some pieces of software have actually removed your ability to say "no", so you either have to install that stuff, or you can't update your programs.

  6. Anonymous
    October 24, 2015 at 10:20 am

    Dear Justin,
    I find it a bit strange that you write this article and at the same moment offer a link to pokki. As I understand the developers of pokki are the same as the developers of open candy, and the latter software is included - as I understand - in the pokki installation package. Not even an option to uncheck it ... just very hidden in the eula.

    • Justin Pot
      October 25, 2015 at 8:26 pm

      I mean, Pokki is pretty good – just pay attention during the installer.

  7. Kelsey
    April 10, 2015 at 11:42 pm

    Well, even with the best of intentions and vigilance, we all at some point either have or will accidentally install crapware. For those situations, and really for any time I need to uninstall a program, I use Revo Uninstaller. It has an indepth cleaning function that gets all the little dribs and drabs of craptastic programs out of your setup.
    There are many other programs out there that do the same thing, but Revo is my favorite for efficiency. I've never had any issues with it screwing up the registry either.

    • Justin Pot
      April 13, 2015 at 3:21 pm

      Thanks for the recommendation, Kelsey!

  8. dragonduder
    March 26, 2015 at 7:15 pm

    Freemake Video Converter is an excellent software I was hesitant to recommend to the people who I work with due to OpenCandy. My solution was to make a batch script with the NoCandy switch:

    Start freemake.exe /NOCANDY

    I zipped up the script with the installer (freemake.exe), told people to unarchive and double click the .bat, voila, no problems with the installation.

    The switch is the easiest way out of them all to avoid OpenCandy, honestly people.

    And I'd like to thank MakeUseOf for teaching me how to script a batch file!

    • Justin Pot
      March 26, 2015 at 7:31 pm

      That's a really simple solution! Thanks for sharing that.

    • lest
      March 10, 2016 at 10:23 pm

      hello dragonduder you can explain how to do:

      make a batch script with the NoCandy switch:

      Start freemake.exe /NOCANDY

      I zipped up the script with the installer (freemake.exe), told people to unarchive and double click the .bat, voila, no problems with the installation.

      • Anonymous
        March 10, 2016 at 10:35 pm

        1) Open Notepad.

        2) Copy and paste the following into it:

        Start freemake.exe /NOCANDY

        3) Click "File" in the upper left corner, click "Save As...". Delete the "*.txt" in the File name box. Save it as "FreemakeInstallation.bat" (or name it whatever you want, just end it with .bat and not .txt). "Save as type:" should be "All Files (*.*)" and not "Text Documents (*.txt)". Save it where ever your Freemake.exe installer is (i.e. your Dropbox folder).

        4) When the batch file (the .bat file you just created) is in the same folder as the Freemake.exe (installer file), select them both. Right Click on them while they're both selected. Go down to the "Send to" submenu and select "Compressed (zipped) folder".

        Now when people want to install Freemake without the OpenCandy bull, all they have to do is extract the content of the zipped folder and double click the exe file. The Freemake installer will run but it will not include OpenCandy.

        Note: the batch file has to be in the same folder as the installer file.

        • Anonymous
          June 18, 2016 at 2:06 pm

          Whoops! The should double click the BAT, not the exe. Just noticed that error. My apologies.

        • Manu
          June 26, 2016 at 11:32 pm

          Hello Ryan, thank you very much for these instructions! This has been one of the most didactic help posts I have see on the Internet in a while.
          Cheers :)

  9. Colonel Angus
    March 25, 2015 at 8:22 pm

    Never just click through when installing software. OpenCandy is only one of the unwanted guests you can end up with.

    • Justin Pot
      March 25, 2015 at 9:14 pm

      You're right: OpenCandy is just one menace among many, but it's one I think people should know about.

  10. Mike Merritt
    March 24, 2015 at 1:28 pm

    I've got it now ... "OpenCandy" is the name of an "Installer" that program authors use to provide an interface to "install" their freeware. OpenCandy still delivers the freeware program that you intended to get - it's just that, along the way, it tries to trick you into accepting other programs/toolbars, etc that you didn't ask for and probably don't want. It uses tricky/deceptive means to make you think that you have to accept this other unwanted software. "OpenCandy" only exists during the install process, and doesn't, of itself, infect your computer. Of course, you might unwittingly receive these other programs/toolbars that it pushes - and then have to un-install them yourself later on.
    Sorry Justin, somewhere in your article above this wasn't at all clear.

    • Justin Pot
      March 24, 2015 at 2:58 pm

      Apparently not! I'll keep this in mind for future articles.

    • Greenaum
      June 19, 2019 at 11:45 pm

      Seemed pretty obvious to me in the article. And more in-depth too. It's a shame programmers of decent software have to go so desperately to obvious thieves and charlatans, to make a few quid to put food on the table.

      If whatsisname made $15 million from Yahoo, a harmless company, even though "toolbars" are moronic and useless, I can see why anyone would be tempted to take a chance like that, especially if they see their software being massively downloaded.

      Now I'm trying to think of some gadget I might program myself! I'm a prostitute, I don't care! I'll give you so many toolbars you won't be able to see your screen! You won't be able to find a program to uninstall them! Or maybe I'll write an "uninstall" program... with more toolbars! Yeah!

      If one dork can make $15M from a deal with someone relatively nice like Yahoo, think what I'll make off evil pricks! Aw yeah, "learn to code", people.

  11. Xoandre
    March 24, 2015 at 1:14 pm

    Perhaps the most PREVALENT of these is when ADOBE Installs McAffee Antivirus Monitor every time it forces an update to Reader or Flash. They do not give you the choice in the matter - it just installs the Adobe program and SIMULTANEOUSLY installs McAffee. Every. Single. Update.

    • Justin Pot
      March 24, 2015 at 2:59 pm

      I'm pretty sure there's an option – I always manage to avoid it.

  12. Dave
    March 23, 2015 at 5:24 pm

    Sourceforge now packages Filezilla with defaults for Yahoo Search and Real Cloud Player. Likely that others will follow.

    • Justin Pot
      March 23, 2015 at 6:10 pm

      It's become disturbingly common...

  13. charmingguy
    March 23, 2015 at 5:12 pm

    I am of the large minority who reads and unticks the unwanted app boxes.

    I also use a second pair of eyes in the form of .

    I download most of my apps from . So far without any PUPs.

    • Justin Pot
      March 23, 2015 at 6:10 pm

      I usually do this too, but the need to constant vigilance can get exhausting. I somehow missed a step a few weeks ago and spent a half hour cleaning up after.

  14. gregor
    March 23, 2015 at 4:58 pm

    Simple solution

    • Justin Pot
      March 23, 2015 at 6:10 pm

      I really need to check this out, thanks for sharing it!

  15. Transform Humanity
    March 23, 2015 at 4:10 pm

    Never thought of moving to FLOSS that completely respects your privacy and your intelligence? Think Linux, Think Trisquel ! You won't, then, have to worry about such inanities like !!

    • Justin Pot
      March 23, 2015 at 4:28 pm

      OpenCandy is used by more than a few FLOSS projects to raise funds. Just saying.

    • dragonmouth
      March 23, 2015 at 8:54 pm

      If you install from distro repositories you won't have that problem.

    • Justin Pot
      March 23, 2015 at 10:48 pm

      If you switch to Linux, sure. And I'd love to live in a world where that's practical for everyone, but I don't.

  16. Craig Snyder
    March 23, 2015 at 4:07 pm

    $15.7 million in 9 months from a toolbar is serious. I'm not a fan of OpenCandy, and it really bothers me that age-old sites like CNET's are changing the way they bring files to us and bundling adware/spyware/toolbar paths into their installations.

    Always look for "Custom Installation" and "Decline" buttons. It sucks that that stuff like the Toolbar is apparently considered to be "standard" in the installation path now. I don't think we should have to go through a custom installation path just to get rid of them.

    Good tutorial on how to get away from OpenCandy!

    • Justin Pot
      March 23, 2015 at 10:48 pm

      Yeah, I wonder how much OpenCandy is netting these days. Couldn't find numbers for that...

  17. DontLikeCandy
    March 23, 2015 at 4:01 pm

    Regarding the blocked directory approach I mentioned in a previous comment:

    Create empty files named OpenCandy in the directories %AppData% and %AppData%..Local. Set attributes readonly, hidden and system. The OpenCandy installer will not be able to create its directories any more.

    C:>cd %appdata% && attrib opencandy
    A SHR I C:UsersJohn DoeAppDataRoamingOpenCandy

    C:UsersJohn DoeAppDataRoaming>attrib ..Localopencandy
    A SHR I C:UsersJohn DoeAppDataLocalOpenCandy

    Would love to give credit to another website if allowed.

  18. DontLikeCandy
    March 23, 2015 at 3:59 pm

    The known opencandy hosts:

    • Mike Merritt
      March 23, 2015 at 8:19 pm

      Thanks. ... added lines to "hosts"
      and so on ...

  19. Mike Merritt
    March 23, 2015 at 3:15 pm

    Justin: I don't think that you are allowed a "wildcard" like: asterisk-dot in a "hosts" file.
    Any other suggestions as to how to defeat it or remove it ? I've used some of the mentioned programs in the past ... How do I know if I'm affected/infected ?

    • Justin Pot
      March 23, 2015 at 10:49 pm

      Yeah I need to look into this and update that paragraph, thanks for letting me know.

  20. DontLikeCandy
    March 23, 2015 at 3:13 pm

    I once read about a solution that had the the user creating work directories in the locations that open candy creates and uses. The user then disables their account's permissions to access those directories, preventing open candy from accessing those directories if it were to ever run in the future. Wish I could remember more...

  21. Joe
    March 23, 2015 at 1:46 pm

    How does "Makeuseof" juxtapose the implications of this article against the recent article from Mathew Hughes --- //

    It would seem that even "Makeuseof" cannot become unified on these subjects.

    • Jack
      March 23, 2015 at 9:26 pm

      Different authors, different topics. One involves deception to install unwanted software on someone's computers, the other involves blocking the ad the website requires to survive.

    • Matthew Hughes
      April 15, 2015 at 5:45 pm

      Surely that's a good thing? Do you want to read a tech website with a "party line"? Or do you want to hear a diverse array of views?

      For what it's worth, three days before my AdBlock piece came out, another piece was published by Mihir Patkar which totally disagreed with my stance.


  22. m-p{3}
    March 23, 2015 at 1:09 pm

    Thanks, just blocked the domain on my OpenDNS account.

    • Justin Pot
      March 23, 2015 at 2:46 pm

      Good idea!