It seems that another antivirus software has gone mad. This time it's the reputable ESET aka NOD32 and Smart Security. In the past few days, users have been complaining of massive amount of false positive alerts with ESET and the latest virus definition update. It looks like ESET is flagging plenty of legitimate 3rd party software as Win32/OpenCandy adware. Even yours truly has encountered the same issue – especially with installation programs.
According to Microsoft's virus encyclopedia, Win32/OpenCandy is an adware program that may be bundled with certain third-party software installation programs. Some versions of this program may send user-specific information, including a unique machine code, operating system information, locale (country), and certain other information to a remote server without obtaining adequate user consent. Update #1:
Microsoft Security Essentials is having similar issue according to users' reports. Update #2:
ESET has released the following statement: "OpenCandy is a popular adware program that is sometimes bundled with installation packages of legitimate programs. You may receive a "Potential threat found" warning window after downloading any program bundled with OpenCandy. OpenCandy is categorized as a potentially unwanted application because it collects information and selects third-party applications to install on your computer, some of which contain rogue-like and questionable qualities." Update #3:
OpenCandy's CEO has issued a statement
on this manner.