Kev35 0 Posted May 10, 2015 Share Posted May 10, 2015 Hi, after the latest update restarted my computer and recevied this message The following websites have been added to your hosts file 0.0.0.0 tracking. opencandy.com.s3.amazonaws.com media.opencandy.com cdn.opencandy.com tracking.opencandy.com api.opencandy.com installer.betterinstaller.com installer.filebulldog.com d3oxtn1x3b8d7i.cloudfront.net inno.bisrv.com nsis.bisrv.com ... Do you want to edit the hosts file? Did not change anything just updated Eset not sure why that is giving me that message Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted May 11, 2015 Administrators Share Posted May 11, 2015 If you want to keep OpenCandy away from your pc, enable detection of potentially unsafe and unwanted applications and perform a full disk scan. We'd suggest uninstalling the appropriate application manually rather than delete particular files upon detection. Link to comment Share on other sites More sharing options...
Super_Spartan 56 Posted May 27, 2015 Share Posted May 27, 2015 That's actually great by ESET! This is my custom made hosts file that doesn't slow down your PC but protects you a bit: # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 0.0.0.0 localhost 0.0.0.0 bi.bisrv.com 0.0.0.0 cdn.bisrv.com 0.0.0.0 cdn.bisrv.com/sponsored/baidu/pcfaster 0.0.0.0 global-shared-files-l3.softonic.com 0.0.0.0 www.softonic.com 0.0.0.0 softonic.com 0.0.0.0 www.bestvistadownloads.com 0.0.0.0 image.online-convert.com/convert-to-ico 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com ::1 localhost A lot of these sites are very dangerous especially BAIDU Link to comment Share on other sites More sharing options...
rugk 397 Posted May 30, 2015 Share Posted May 30, 2015 (edited) Another way to block OpenCandy can be done with ESET firewalls rules or web protection rules. Here are all instructions: Block PUA inside installers from Nero Burning ROM, Orbit Downloader, ImgBurn, DVDVideoSoft... - Install them without OpenCandy! @Kev35 However your message seems to be from a kind of "OpenCandy blocker" which changes the hosts file to block OpenCandy, similar like has done it. Afterwards it seems to display this message, so please be aware that this message is not shown from any ESET-related software. I don't know any "OpenCandy blocker" which does it like this, but there is a chance that someone developed such a software which readds the hosts file lines (if they should be deleted somehow - which is/would be very strange as the hosts file is normally quite good protected) and because of this this message is displayed. So basically if you have an ESET software installed you have other possibilities to get rid of OpenCandy, like e.g. explained in the thread I linked above. So if you know how to do you can uninstall/delete the OpenCandy blocker and use a method we suggested here or one which is described in my thread. Please also note that the hosts file should not be easily writeable as it can be misused by malware too, like I explained here. So if it is too easily writeable (maybe because the OpenCandy blocker modified the permissions) you may want to adjust the permissions of this file and protect it from unauthorised changes. Edited May 30, 2015 by rugk Link to comment Share on other sites More sharing options...
Recommended Posts