Jump to content

Open candy?


Recommended Posts

Hi, after the latest update restarted my computer and recevied this message

 

The following websites have been added to your hosts file

0.0.0.0 tracking. opencandy.com.s3.amazonaws.com

media.opencandy.com cdn.opencandy.com

tracking.opencandy.com api.opencandy.com

installer.betterinstaller.com installer.filebulldog.com

d3oxtn1x3b8d7i.cloudfront.net inno.bisrv.com nsis.bisrv.com ...

 

Do you want to edit the hosts file?

 

Did not change anything just updated Eset not sure why that is giving me that message

Link to comment
Share on other sites

  • Administrators

If you want to keep OpenCandy away from your pc, enable detection of potentially unsafe and unwanted applications and perform a full disk scan. We'd suggest uninstalling the appropriate application manually rather than delete particular files upon detection.

Link to comment
Share on other sites

  • 3 weeks later...

That's actually great by ESET!

 

This is my custom made hosts file that doesn't slow down your PC but protects you a bit:

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

0.0.0.0 localhost
0.0.0.0 bi.bisrv.com
0.0.0.0 cdn.bisrv.com
0.0.0.0 cdn.bisrv.com/sponsored/baidu/pcfaster
0.0.0.0 global-shared-files-l3.softonic.com
0.0.0.0 www.softonic.com
0.0.0.0 softonic.com
0.0.0.0 www.bestvistadownloads.com
0.0.0.0 image.online-convert.com/convert-to-ico
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
::1 localhost

A lot of these sites are very dangerous especially BAIDU

Link to comment
Share on other sites

Another way to block OpenCandy can be done with ESET firewalls rules or web protection rules.

Here are all instructions: Block PUA inside installers from Nero Burning ROM, Orbit Downloader, ImgBurn, DVDVideoSoft... - Install them without OpenCandy!

 

@Kev35

However your message seems to be from a kind of "OpenCandy blocker" which changes the hosts file to block OpenCandy, similar like has done it. Afterwards it seems to display this message, so please be aware that this message is not shown from any ESET-related software.

I don't know any "OpenCandy blocker" which does it like this, but there is a chance that someone developed such a software which readds the hosts file lines (if they should be deleted somehow - which is/would be very strange as the hosts file is normally quite good protected) and because of this this message is displayed.

 

So basically if you have an ESET software installed you have other possibilities to get rid of OpenCandy, like e.g. explained in the thread I linked above. So if you know how to do you can uninstall/delete the OpenCandy blocker and use a method we suggested here or one which is described in my thread.

Please also note that the hosts file should not be easily writeable as it can be misused by malware too, like I explained here. So if it is too easily writeable (maybe because the OpenCandy blocker modified the permissions) you may want to adjust the permissions of this file and protect it from unauthorised changes.

Edited by rugk
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...