Monthly Archives: June 2009

Project Web Tattoo Fast Browser Search Removal – Update

3
Posted by chris on Sunday, June 28, 2009 – 6:50 PM
Filed under fix, malware, software, Tests
Tagged as ,

I’m afraid I have some bad news on my mission to install Web Tattoo and remove it and the Fast Browser Search redirector that takes over your web browser.. First I couldn’t find it on Facebook anymore. I don’t know if it was finally removed because of the problems it caused or maybe I’m just not searching correctly but it appears to be gone. So I did a google search for it and was able to find the website where it could be downloaded and installed. Unfortunately, I can’t get it to install into Internet Explorer 7. Every time I’ve tried to install it into IE7, I got an error and it just hangs or quits.

So it’s back the drawing board. Just writing this has given me a couple of ideas of why it won’t install this time. I haven’t given up but I’m afraid it’s already taking longer than I expected. So stay tuned and with any luck, the next update will be the solution.

UPDATE: Here is some info I found about removing fast browser search from Internet Explorer (IE) http://www.pccybertek.com/2009/10/remove-fast-browser-search-from-ie-7-ie8

Project Web Tattoo Fast Browser Search Remove Part 1

20
Posted by chris on Friday, June 26, 2009 – 1:21 AM
Filed under fix, free software, malware, scams
Tagged as ,

One post has brought this site more traffic than anything else ever before. My article on removing Fast Browser Search. That nasty little search re-director that gets installed when you install a Facebook plug in called Web Tattoo.

The story thus far. For some reason I decided to install web tattoo. I knew it was probably going to install something else. Rule #1 – Programs on the internet that claim to be free, especially add-ons for social sites, aren’t really free. I just figured I could uninstall whatever it slipped in. After I uninstalled Web Tattoo, from FireFox and using add and remove programs in the windows control panel, and it was still redirecting my traffic to Fast Browser Search, I’d just remove it with Spybot or Ad-Aware or Hi-Jack This and remove it from the registry. However, none of these detected it and I couldn’t find any sign of it in the registry. Then I did a search on the internet and couldn’t find anything about removing it either. So I did some thinking and figured out how to remove it. Seeing how there was such a lack of articles dealing with this pest, I figured it would be the perfect thing for my blog. So I wrote this article on how I removed it from FireFox .

Next thing I know there’s a spike in the traffic coming to my little unknown blog. I was happy to learn that referrers were search engine results for “fast browser remove” and other similar queries. All of them looking for a way to take out this blasted thing. For a short time, my blog was on the first page in google if you were searching for a way to remove it. This got me pretty jazzed. I’ve had this blog for a couple years but never had much traffic before. After a couple weeks, the traffic to that article I wrote started tapering off. I was no longer in the first page or two when people searched for it. Then all the sudden it spiked again. Turns out someone on a google forum had Fast Browser Search take over their browser. Next thing I know I’m getting a ton of hits again, this time all comming from this post. Now if the people this helped would just click on my google adds, I could earn a couple cents in this tough economy ;)

There was only one problem. My article only covered how to remove it from FireFox. Turns out there are plenty of people with Internet Explorer who have been attacked by this scourge known as Fast Browser Search. So here is what I’m going to do. Initially I was going to install Windows XP on a virtual Machine. But this would take quite some time and work before I could deliberately infect myself with Fast Browser Search. So I decided to take a short cut. After I’m done writing this, I’m going to create a new user account in windows, head over to Facebook and install Web Tattoo while using Internet Explorer. Then I’m going to figure out how to remove it and write part 2 of this article. So check back in a day or so, hopefully it won’t take me longer than that to figure out. If you would like to show some appreciation, click on my google adds, or leave me a reply. I love getting replies and hearing from you.

Norton Fail

4
Posted by chris on Tuesday, June 23, 2009 – 12:54 AM
Filed under video

I’m not a big fan of Norton Anti Virus or Internet Security. Norton Anti Virus was the best selling software I ever sold at the computer store. Most the time, customers had no problem installing it, unless they were buying it because they were already infected. In which case, I don’t fault Norton AV if it wouldn’t install because many virus attack Norton.

Then Syamntec decided it needed copy protection. I think it was 2004. All of the sudden, most of the people that bought Norton couldn’t get it installed. If they had ever installed any other anti virus, even Norton, it wouldn’t install. Many of my customers were upset. Some even went to the website and downloaded a program that was supposed to fix it so they could install it, and that didn’t work either. When I had to charge people an hour labor, which didn’t even cover the time I spent, they were even more upset. My fix was to go in to safe mode, find and remove every program and directory named either Norton or Symantec. Then I would have to do the same in the registry. Then it would finally install. If Norton wasn’t to blame, this wouldn’t have fixed it. Not to mention what a system hog it had become. Many times it would just break and I would have to go through all of that to reinstall it. Too many alienated customers later, I quit selling Norton altogether and would only offer it if they were buying a computer from me. By the way, I tried installing NAV 2006 on a computer at work several years ago and spen hours trying to get it to install, so apparently it still isn’t any easier. That way I knew it would install because it had a fresh OS on it. Just so you know, I use ESET NOD32 which is why I have an add for it. I have never had a single problem installing or updating it. It uses less system resources and has a more complete virus definition data base. And that computer at work that wouldn’t install NAV 2006, NOD32 installed without a hitch. It makes me wonder if all that copy protection actually increased profits at all. The funny thing is, the copy protection didn’t stop the pirates, it was available for download. Ironically, it wasn’t the copy protection that kept pirates from sharing it, it was how bad the program had become.

So when I saw this video, I had to post it here. Between my experience with Norton and working at a TV station, where we use stuff like Power Point while broadcasting, I couldn’t pass this up.

Spyware Protect 2009 is a Virus

0
Posted by chris on Saturday, June 13, 2009 – 7:52 PM
Filed under botnets, conficker, cybercrime, free software, malware, phishing, scams, software, virus
Tagged as , , ,

ConfickerFakeAV I’m sure you have all seen this before. Your surfing along, when all of a sudden, you get a pop-up that alerts you that your computer is infected! YIKES! What to do!??! Ah, you can just download a “free” program that will fix it for you. I’d hope you already know, this is a scam. It’s one of two things. You can either download a legit program that will scan your computer, tell you how badly infected it is and you can purchase a full version of the program to remove all your “infections.” Just in case your not really infected, these programs will increase your infection count by adding your cookies to the list. Pretty good way to jack up the numbers, but I wouldn’t call cookies an infection. And I sure don’t have to buy any program to remove them. The other thing that could happen, and probably will is, you will download a program that will then install it’s own addware. Turns out they have a name for this stuff now, and that name is Scareware.

Turns out many people are still falling for this scam. I had to clean my parents computer up, from one of these. Try doing it over VNC, and you may have your patience tested like I did. Anyways, the old folks aren’t the only ones falling for this, and now their is a new variation. Spware Protect 2009, is the new breed of scareware. Not only does it con you by getting you to install it, it actually does damage to get you to “purchase” it for $49.99 and install a trojan downloader. Meanwhile it increases the pop ups telling you how infected your computer is. So you order the program with your credit card and guess what, you just gave them your credit card number, no hacking needed. A local electronics store, with the initials RS, got hit by it and from what I could get out of them, sounds like the whole corp has been infected through their network.

Since I first found out about this last week, I’ve found out that it’s now also being installed by the conficker virus. At first I was thinking, wouldn’t people be suspicious if there was a new piece of software, on their computer? I sure as hell would. Then I started thinking about it, in a corporate situation. Some poor schmuck, in accounting or where ever, could think it was installed by their IT Dept. So the keylogger installed would run until the computer crashed. The one good thing is, the domain that was selling Spyware Protect 2009 is gone. Keep an eye out for variations with new names and the same or slightly modified interface.

-Your friendly neighborhood PC Cybertek