As a matter of fact, even though the OpenCandy DLL is still part of the avast installer (was originally used to make the partner offer) it is not being executed at all. The Chrome offer is now done using a diffent technique.
We will remove the OpenCandy DLL from the avast installer in the next program update.
However, let me just say that I still think that the detection is illegitimate. OpenCandy is nothing else that a platform for doing partner software offers (bundles). There's a bunch of trusted companies doing business with OpenCandy, such as LogMeIn, NetNanny and Roboform.
It somehow reminds me of detecting all files packed by packers like Armadillo or VMProtect as viruses. True, there are some viruses that are packed by these packers. On the other hand, there's a bunch of legitimate (commercial) apps that are also packed by them. Having a detection that calls all files packed by these packers right away as viruses is just not right (easy for the virus analysts, but not helpful for the users).
Thanks
Vlk