A Nasty Case of Krab Web

It can happen to anyone. Suddenly, your computer screen is an explosion of pop-ups. You think you’ve clicked close only to have another pop-up take its place.  And then they start opening something you never agreed to. Frantically, you try to shut things down only to discover your cursor has a mind of its own. You try to Google what to do, and keep going to a site you’ve never heard of and don’t want. Welcome to the nightmare of a malware infestation.

MALWARE ATTACK! What Do I Do NOW?

I just spent some quality time cleaning a nasty case of Krab Web malware off a laptop. The user had no idea what the item she downloaded would come bundled with. So, let that be my first helpful lesson to you. Unless you download directly from the source, you are getting your downloads from a third-party distributor. The names are common, including biggies like CNET and Softonic. It isn’t that you can’t trust them. It’s that even they can’t trust what’s going into the mix. Your best bet is to forego the default installation choice and choose “custom”. Because when you just click and agree, a couple of pages will zoom past. You may think you agreed to another toolbar but you just signed on the dotted line for a dozen – no, I am so not kidding – a dozen or more annoying and even malicious programs that will take you where you do not want to go. By this, I mean sites where they are phishing for you and downloadable remote access bogeys lurk. But that is a whole separate posting of pain for another day.

STEP 1: Identify and Destroy

Let’s say you are on Windows. Open the Control Panel. Then, select Program and Uninstall. Try to bear with all the pop-up boxes and not click anything. Once the list of programs appears, click on the Date column to bring up items most recently added. You should see a list of at least 12 or so from when you did your download. Some will say “Optimizer”, some will say “Protection”, some will say “Best deals”. They are all bogus. You want NONE of them. Start by selecting each one and clicking Uninstall. You can agree to using the program’s own uninstaller to remove it. That’s normal. And the best way to get rid of them. Here’s what I tossed in the trash:

  • Remote Desktop Access VuuPC
  • PepperZip
  • Optimizer Pro
  • StormWatch
  • Search Protection
  • My PC Backup
  • Surfkeepit
  • eDeals
  • SPT System Updater Service
  • Word Prozer
  • HQ ProVideo
  • Fast Player

Yes, they may sound legit.  But they all had today’s date stamp, and some of them were particularly nasty malware/adware.  As the song says “Don’t Get Fooled Again!”
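If the pop-ups make Control Panel hard to use, the same "sort by date" check from Step 1 can be done from a PowerShell window. This is an added example, not part of the original post; it only reads the standard Windows uninstall registry keys, and the 14-day window and the "3 installs on one day" threshold are assumptions you can change.

```powershell
# Added example (not from the original post): list installed programs by
# install date and flag days on which several programs arrived together.
param(
    [int]$DaysBack   = 14,  # assumption: how far back to look
    [int]$BundleSize = 3    # assumption: installs on one day that suggest a bundle
)

# Per-machine (64- and 32-bit) and per-user uninstall entries.
$uninstallKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
)
$cutoff = (Get-Date).Date.AddDays(-$DaysBack)
$style  = [System.Globalization.DateTimeStyles]::None
$inv    = [System.Globalization.CultureInfo]::InvariantCulture

$programs = foreach ($entry in Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue) {
    if (-not $entry.DisplayName) { continue }      # hidden components and updates
    # InstallDate is optional and stored as a yyyyMMdd string; many installers omit it.
    $date = [datetime]::MinValue
    $hasDate = [datetime]::TryParseExact([string]$entry.InstallDate, 'yyyyMMdd', $inv, $style, [ref]$date)
    [pscustomobject]@{
        Installed = if ($hasDate) { $date.ToString('yyyy-MM-dd') } else { 'unknown' }
        Recent    = $hasDate -and $date -ge $cutoff
        Name      = $entry.DisplayName
        Publisher = $entry.Publisher
        Uninstall = $entry.UninstallString
    }
}

$recent = @($programs | Where-Object Recent | Sort-Object Installed -Descending)
# Days with at least $BundleSize installs are the ones to look at first.
$busyDays = @($recent | Group-Object Installed |
    Where-Object { $_.Count -ge $BundleSize } | ForEach-Object Name)

$recent | Select-Object Installed,
    @{ Name = 'SameDayBundle'; Expression = { $busyDays -contains $_.Installed } },
    Name, Publisher, Uninstall | Format-Table -AutoSize -Wrap

# Entries with no parseable date cannot be sorted; review them by name.
$programs | Where-Object { $_.Installed -eq 'unknown' } |
    Sort-Object Name | Select-Object Name, Publisher | Format-Table -AutoSize
```

The script changes nothing on the machine; anything it flags is still removed through the Uninstall button as described above.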

STEP 2: Remove Adware using ADWCleaner

You may be able to access your browser at this point. If you can, go to this site: ADWCLEANER DOWNLOAD LINK to download an effective Adware cleaner.

Follow the instructions and install. Click on the “Scan” button and then click “Clean”. You’ll have to reboot.

STEP 3: Remove program files with MalwareBytes

Now, you need a program to go after the virus, Krab in this case. Download MALWAREBYTES ANTI-MALWARE. Follow the prompts and install the free version.

If prompted, click the green “Fix now” box to start the scan.

You may be prompted to upload updates. Click agree. The program will scan, you can watch the progress, and when it’s done you’ll be notified. The dangerous files will be quarantined, and you can expect to be asked to reboot. Say yes.

STEP 4: Clean your Browsers

You will probably notice a delightful lack of pop-ups this time. But you’re not in the clear yet. You need to clean your browsers now. Follow these steps as outlined.

If you use Internet Explorer, click on the right corner gear icon for Settings. From the drop down box, click Internet Options.

In the next box, click on the “Advanced” tab. Click on the “Reset” button. In the next box, select “Delete Personal Settings” and click “Reset”. When Explorer is finished, click close.

For Google Chrome, click the menu symbol at the top right. Then, click on “Tools” and then “Extensions”.

In the Extensions tab, you’ll see Krab Web and other items, some of which you don’t recognize. Click on the trash can icon beside those you want to remove. If you didn’t install it, delete it.

STEP 5: Check the Spread

A note of caution: Malware spreads with physical contact so you need to check any other devices you’ve connected to your computer, like USB or flash drives, tablets, or even your phone. Run a scan using your anti-virus and MalwareBytes. Trust me – you’ll be glad you did. Now you’re clean and protected. Surf safe!

** A big thank you to MalwareTips.com and their helpful site
