The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

    • RT @nadineswagerman: Iemand mailde me dat een 13-jarig meisje mijn novelle had uitgekozen om te lezen/bespreken op school. Het boek bevat 9… 7 hours ago
    • RT @jilles_com: Afgelopen 10 dagen hebben we door NL gereisd, elke dag een nieuw hotel en op heel veel locaties gegeten. In 60% van de geva… 7 hours ago
    • RT @FTM_nl: Sywert van Lienden plaatste bewust een serie tweets om het ministerie onder druk te zetten om de omstreden mondkapjesdeal met h… 7 hours ago
    • RT @ArmsControlWonk: China just used a rocket to put a space plane in orbit and the space plane glided back to earth. Orbital bombardment i… 7 hours ago
    • RT @shossontwits: O jee. Nu dit weer. 7 hours ago
  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,482 other followers

OpenCandy – Wikipedia

Posted by jpluimers on 2020/11/06

Hmm, one of my machines contained OpenCandy – Wikipedia as found by Malwarebytes (software) – Wikipedia:

Tracking back the installation, revealed it came with ImgBurn, which is now on my black-list.

In my case this was how to remove it:

rd /s /q %AppData%\OpenCandy

This is not universal; you might need to take additional measures like in [WayBack] How to Remove PUP.Optional.OpenCandy (Removal Guide).

I use this batch-file to get the most recent Malwarebytes and Chameleon:


:: redirects to something like wget
wget --content-disposition
:: redirects to something like wget
wget --content-disposition

If you do not have wget on your system, then try this PowerShell alternative (which does not show progress) via [WayBack] Windows batch file file download from a URL – Stack Overflow

:: in case you do not have wget:
powershell -Command "(New-Object Net.WebClient).DownloadFile('', 'mb3.exe')"
powershell -Command "(New-Object Net.WebClient).DownloadFile('', 'chameleon.exe')"
:: note these do not show progress!

Related: [WayBackJeroen Pluimers on Twitter: “What if the most recent @Malwarebytes on a Windows 8.1 x64 VM (all patches installed) on ESXi backed by NVME hangs for hours on one file with hardly any CPU usage? Screenshots of mbam.exe, mbamservice.exe and mbamtray.exe thread usage below.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: