 Foistware, And how to avoid it |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.  |
 Oct 2 2005, 12:26 PM
Post
#1
|
|
 Voted most likely  Group: Members Posts: 3,727 Joined: 19-September 04 From: Collingwood, Ontario, Canada Member No.: 2,883  |
Please be aware that these are only screenshots and nothing will happen to your computer. They are not clickable. The following is based on using Internet Explorer and concerns a feature called "Install on demand". There are instructions at the end of the post for disabling this feature So you click on a link for an anti-spyware program or maybe its a popup or a link in your email and you are taken to a website like this:  If you don't have Install on demand disabled and you use Internet Explorer you are already the unwitting recipient of the following download. It has been downloaded and installed on your computer. You are infected with malware now. This is known as a "Drive By Download".  If you do have Install on demand disabled you receive the above security warning and you would think that you are ok. You click No. You try to navigate away from the site, but wait, what this?  No, no, no, You don't want to do this. You click cancel. Now you get this:  Now what are you going to do? I don't believe that if you clicked Ok on that box that you would have the option of Run or Open, which implies a Cancel option too. I think the download may start right away. Its important not to panic or to get frustrated and click Ok just to make the boxes go away. Personally, I chickened out at this point. If you were using a ZoneAlarm Firewall or any other type that has an Internet Lock this would be the ideal time to use it. In order to get out of this you need to close the browser using the Task Manager/Close Programs feature accessed by using Ctrl+Alt+Delete and closing the page. The second time I went to this site when I forced the window to close I got a blue screen. If I get brave I'll go back and click Ok on that last one.  In Firefox, you can disable the automatic install feature this way: "tools tab", under "tools, options, web features", the default setting is "Allow websites to install software". Uncheck that. Thanks to our jgweed for that info. In Internet Explorer go to Tools>Internet Options>Advanced and take the check mark from Enable Install On Demand (Internet Explorer) and Enable Install On Demand (Other). The consequence of this will be that you will begin to see Security Warnings when something tries to install on your computer. Unless it is something you want to install (which happens rarely) always say no. Many thanks to Pandy for all her hard work on the screenshots in this post and her timely advice. This post has been edited by Pandy: Apr 13 2006, 07:53 AM -------------------- **** We use our powers for good, not evil **** When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo |
 |
 
|
|
Oct 2 2005, 12:33 PM
Post
#2
|
|
 Bleepin' GloMod Group: Global Moderator Posts: 6,677 Joined: 11-April 04 From: Whence I came Member No.: 108 |
Leurgy. It was my distinct pleasure to assist you.
-------------------- Do not anticipate trouble, or worry about what may never happen. Keep in the sunlight.
~ Benjamin Franklin Walk plank, srsly. I am a Bleeping Computer fan! Are you? Facebook Follow us on Twitter |
|
|
|
|
Oct 2 2005, 08:19 PM
Post
#3
|
|
 Bleep Bleep! Group: Admin Posts: 31,509 Joined: 24-January 04 From: USA Member No.: 3 |
Very informative posts and a great job on the research. This is a great example on how our members can see how malware/foistware/adware can get installed on their computers and how to avoid it.
Kudos! -------------------- |
|
|
|
|
Oct 3 2005, 09:45 PM
Post
#4
|
|
|
New Member Group: HJT Team Posts: 8 Joined: 26-May 05 Member No.: 21,477 |
Excellent write up. Well done.
UKBiker |
|
|
|
|
Oct 8 2005, 11:28 AM
Post
#5
|
|
 Forum Regular Group: Members Posts: 226 Joined: 6-September 05 From: Nottingham, England town! Member No.: 33,329 |
 As a newbie..i have just read this item and it was so easy for a non-puter savvy person like myself to understand.....thankyou pandy and Leurgy! 
--------------------  Of all the things Ive lost...I miss my mind the most! |
|
|
|
|
Oct 8 2005, 03:46 PM
Post
#6
|
|
 Member Group: Members Posts: 115 Joined: 5-April 04 Member No.: 67 |
Your fans over at CoU will see this link
-------------------- |
|
|
|
 Oct 8 2005, 07:37 PM
Post
#7
|
|
 To INSANITY and BEYOND !! Group: Moderator Posts: 21,490 Joined: 10-September 04 From: NJ USA Member No.: 2,608 |
A great wtite up as you know I got hammered by one of those a few days ago. I hope every body reads the aticle. Because these sites can be monsters.. Thanks for all the work.....
-------------------- Can you spare some PC cycles to help FIND A CURE .. BC FOLDING TEAM Click me /info..
ThoughtVent a goodplace to discuss.<<>>>Staying Updated Calendar of Updates. For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook |
|
|
|
|
Oct 9 2005, 01:00 AM
Post
#8
|
|
|
Bleepin' GloMod Group: Global Moderator Posts: 6,677 Joined: 11-April 04 From: Whence I came Member No.: 108 |
Oh Haroldo Thank you so much for the link there at CoU. That's awesome!
-------------------- Do not anticipate trouble, or worry about what may never happen. Keep in the sunlight.
~ Benjamin Franklin Walk plank, srsly. I am a Bleeping Computer fan! Are you? Facebook Follow us on Twitter |
|
|
|
|
Oct 9 2005, 05:15 AM
Post
#9
|
|
 I can see what you post! Group: Members Posts: 6,469 Joined: 14-February 05 Member No.: 12,053 |
Great advice! Very helpful in protecting yourself, regardless if you use Firefox or IE.
Personally I leave the "Allow Websites to Install Software." Checked, however I have only Mozilla's Official Firefox Extension website under the "allow list." -------------------- |
|
|
|
|
Oct 10 2005, 01:33 PM
Post
#10
|
|
|
Member Group: Members Posts: 18 Joined: 5-October 05 Member No.: 36,179 |
Very helpful for users and a good read.
-------------------- Resident Geek
"There is an answer to every question, but is there an answer to every problem?" |
|
|
|
|
Oct 10 2005, 04:22 PM
Post
#11
|
|
 Forum Addict Group: BC Advisor Posts: 2,695 Joined: 23-September 05 From: Michigan, USA Member No.: 34,941 |
Thanks for the info. I actually just accidentally visited one of these sites. I had misspelled a popular antivirus web site's URL and got the bad web site instead.
Sneaky little devils, ain't they! -------------------- ALBERT FRANKENSTEIN
I'M SO SMART IT'S SCARY! Currently home chillin' with the fam and my two dogs! |
|
|
|
|
Oct 13 2005, 08:15 PM
Post
#12
|
|
 Distinguished Member Group: Members Posts: 772 Joined: 11-October 05 From: East Coast Member No.: 36,780 |
Thanks for the tip! I hate those sites. It's one of the reasons I switched to Mozilla.
--------------------  - Avatar graphics courtesy of Shatterheart.net, Celestial Star, and Rauvinne - Sig textures & stamps courtesy of Celestial Star |
|
|
|
|
Oct 14 2005, 06:15 PM
Post
#13
|
|
|
New Member Group: Members Posts: 8 Joined: 2-June 05 From: San Diego, CA Member No.: 22,100 |
Thanks for the tips, always appreciated guys.
|
|
|
|
|
Oct 15 2005, 11:05 PM
Post
#14
|
|
 Bleepin' Animinion Group: Site Admin Posts: 9,475 Joined: 18-August 05 From: Now On... Member No.: 31,547 |
Leurgy and Pandy,
It is my distinct pleasure to utilize my 100th post to, congratulate you both on an excellent job on this topic. It's very well written and illustrated. And long overdue to have this "Bleeping" subject addressed. Keep up the great work you two. Be (Foistware) Safe Da Animal -------------------- The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life. Andrew Brown  "On the keyboard of life, always keep one finger on the escape key." — Scott Adams. Become a BleepingComputer fan: Facebook |
|
|
|
 Oct 16 2005, 10:21 PM
Post
#15
|
|
|
Bleepin' GloMod Group: Global Moderator Posts: 6,677 Joined: 11-April 04 From: Whence I came Member No.: 108 |
Animal Thank you 
-------------------- Do not anticipate trouble, or worry about what may never happen. Keep in the sunlight.
~ Benjamin Franklin Walk plank, srsly. I am a Bleeping Computer fan! Are you? Facebook Follow us on Twitter |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 7th November 2009 - 11:53 PM |
© 2003-2009 All Rights Reserved Bleeping Computer LLC.