ferGeeks - Guides fer Geeks
2Aug/1229

Fast Save 1.1 Chrome extension adding ads and causing havoc

Have you noticed in the last day or so random ads on your favorite websites? maybe you have ads on your own website that you didnt put there?
Are you using Google Chrome internet browser? if you have answered yes to these questions then you may have  fallen victim to the malicious fastsave 1.1 chrome browser extension.

What is FastSave 1.1 Chrome Browser extension?

Fast Save 1.1 is an extension in the Chrome browser that you did not install; it was automatically put on your browser like a virus but luckily it is very easy to remove.

What does Fast save 1.1 do?

Fast Save 1.1 will automatically overlay ads onto images on websites you are browsing; you may not even notice they are there because internet advertising is everywhere but if you own the website you are browsing and spot one of these ads then it is very easy to see something very fishy is going on.

Take a look at what I found when I visited Fergeeks.com tonight; this is what alerted me I had a problem with ads.

Fastsave 1.1 ad

If you look at the source code  you can see the following fishy HTML code.

<script type="text/javascript" src="http://include-it.net/?p=119"></script>

<script type="text/javascript" src="http://srv1.mediads.info/i/?tid=23&amp;subid=2017"></script>

<script type="text/javascript" src="http://www.superfish.com/ws/sf_main.jsp?dlsource=cbsfastsave&amp;userId=4fc9a7ce0ea27582051112&amp;CTID=p2017"></script>

<script type="text/javascript" src="http://www.superfish.com/ws/js/base_single_icon.js?ver=12.0.1.6"></script>

<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/dojo/1.5.1/dojo/dojo.xd.js"></script>

<script type="text/javascript" src="http://includeit.info/include.js?id=js29"></script>

<script type="text/javascript" src="http://www.superfish.com/ws/getSupportedSitesJSON.action?ver=5.6&amp;callback=SF_isURISupported" id="sufioIoScript1" charset="utf-8"></script>

<script type="text/javascript" src="http://www.superfish.com/ws/rvwl.action?ver=3&amp;callback=SF_isRvURISupported" id="sufioIoScript2" charset="utf-8"></script>

<script type="text/javascript" src="http://www.superfish.com/ws/getCouponsSupportedSites.action?ver=15&amp;callback=SF_cpnWlCb" id="sufioIoScript3" charset="utf-8"></script>

<script type="text/javascript" src="http://includeit.info/scripts/inl_dmmtch2.min.js"></script>

<link type="text/css" rel="stylesheet" href="http://static.cpchero.biz/style.css" media="screen">

<script type="text/javascript" src="http://xml.cpchero.biz/search?query=web-backlinks.com&amp;feed=3624&amp;subid=dommatch&amp;url=http%3A%2F%2Fweb-backlinks.com%2F&amp;user_ip=caller&amp;ua=caller&amp;count=10&amp;format=json&amp;callback=RXYO_Interstitial.DoInterstitial"></script>

How to remove Fast Save 1.1

To delete Fast Save 1.1 (and I recommend you do remove it) you need to go to your Chrome extension settings and then you need to click on the trash icon next to Fast Save 1.1.

Chrome Browser extension menu

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Remove Fastsave.... hell yes!

 

 

 

 

 

 

 

Update:

Click2save extension , fastsave extension & saveAS extension all seem to be the same thing; I found a place that is serving them, its an opt in box when you download a torrent from ISOhunt.com so if you download a torrent make sure the box is unchecked (checked by default)
I don't download torrents; nor does my wife and yet we had this extension on our computer, no clue yet how we got it.

In light of this new information I suggest you take a look at 5 reasons why Torrents suck.

 

 

Comments (29) Trackbacks (0)
  1. Great guide, I am looking at finding out if my server is passing this out. Hackers / script kiddies gaining revenue!

  2. thank you so much.

  3. I just had to remove it. Do you know where it originated or how its spreads?

  4. I just discovered this while shopping for a new ssd. All it did was show me the prices of other retailers, along with a referral link. Saves me a lot of time messing around with comparison shopping. I might keep it for a while, assuming it’s not leaking personal info.

  5. Yep, mine came from IsoHunt. Links to cpchero.biz and sonicsearchonline.biz

  6. Um, I love you.

  7. Thanks so much :).

  8. I need to thank you too! (And stop going to unorthodox sites with thismalware)

  9. Thank-you so much – found the problem and got rid of it. Thanks again!

  10. Is there a company name you can give?

    I just sent a “nice” email to superfish letting them know exactly what I think of their product… I’d be more than happy to share my “joy” with who ever made the fastsave extension.

  11. Thank you very much for posting this.

  12. Noticed something odd while browsing Ebay. Googled it and sure enough it was this stupid extension that somehow snuck its way in through a download of some sort. Sneaky little bugger. Nice, quick and simple Article. Thank you.

  13. I see the extension has been removed from the app store, which is good.

  14. I’ll be really honest I usually loathe all the add-on applications associated with downloads, but this one is actually quite a gem. So far I have seen no actual evidence that it is malicious (in terms of distributing my info or slowing down my PC), and it actually makes comparison shopping really easy. I often go to sites like shopbot or other services who offer this exact service, and when shopping for a couple products tonight this extension had retailers shopbot had no idea existed, and gave me several better prices.

    Had I known this extension existed, I would have installed it ages ago.

    • You sir are in my opinion are an idiot; and I am pretty sure that you work for the creators of Fast Save; nobody in their right mind would want obtrusive ads like this in their browser.

  15. Torrents suck since you obviously enjoy paying $30+ for one DVD and $20+ for a single cd. Oh and one more thing, here you are blasting fastsave and then you include ads yourself at the bottom of your article? Hypocrite.

    • I do not have any ads on my this blog; I do have a link to another site that I own so maybe that is what you are referring to? and even if I did put ads on my site what is the big deal? I put them there on purpose; not some malicious extension.

  16. I to have this annoying pop up ads but i dont have FAST SAVE so i have temporarily blocked 3rd party ad ons which has since messed up my toolbar.. any other help on removing this would be great.. I got it watching a video on youtube through facebook.. soooo annoying :(

  17. I have a mac and i didnt find any of the extension mentioned in chrome. However, I did download facebook dislike extension, removing of which fixed my link problem.

  18. Fast Save also seemed to be setting off avast! antivirus for me. I have no idea how long it’s been on my computer, I only just noticed it now since avast was being triggered by seemingly nothing. I just removed it and now it seems ok.

  19. Also check for the name Save As. It’s the same thing just disguised with a differant name.

  20. Neat bookmarks now inserting ads too…


Leave a Reply

No trackbacks yet.

Switch to our mobile site