How to Remove SecureKeeper | Secure Keeper Removal



SecureKeeper is a rogue antivirus application in the Wini family (with their recent new look user interface.) The Wini family is a very long running line of rogue security applications that have been producing two to three different rogues each week. Of course, the primary changes are the names, but the way of operating is about the same. These will be pushed on users through supposed flash player or video codec downloads. Then will claim that the system is infected with many viruses and that the only thing you need to do to remove the viruses is to purchase their software. Please don’t purchase securekeeper and finance this scam. Read on for how to remove SecureKeeper.


First you may wish to visit the control panel and attempt to uninstall securekeeper via the add/remove programs link in the control panel. Even if this works I still would want to install, update and run a scan with malwarebytes antimalware as well as a trusted antivirus application such as Avira/AVG or another legitimate antivirus application. (Online scans such as trendmicro’s housecall would be all right as well.)

You will likely want to block the following website:

securekeeper.com

Download and install Malwarebytes antimalware from the virus removal toolkit page. While you are there you may also want to download process explorer as you may need it further in the removal process. Install, update and run a full scan with malwarebytes antimalware. If you are unable to install malwarebytes you may try the following tricks. 1) rename the installer mbam-setup.exe to something else like firefox.exe. Then retry the install, update and scan. 2) reboot into safe mode with networking and retry the installer/update and scan. 3) follow the next step which involves killing off the running processes associated with SecureKeeper and then retry the install of malwarebytes.

The following processes are associated with SecureKeeper and should be killed off using the task manager. If you are unable to launch the task manager you may try the following. 1) copy the program file for task manager (taskmgr.exe) and paste the copy to the desktop. Then rename it to firefox.exe or iexplore.exe and retry launching it. 2) reboot into safe mode and see if the processes are running and if they are try to kill them off. 3) Use process explorer instead of task manager to kill off the following processes:

46z9v5r2938.exe
10939spam5oz722.exe
SecureKeeper.exe
uninstall.exe

There may be a randomization component to the naming of the files listed above. For that reason you may not see identical names. Use the patterns you see above and the file locations listed below along with what you see on your system to figure out which processes on your system should be killed off.

The following dll should be found, de-registered and deleted:

109z5spam5ot39f.dll

Again – there may be some randomization – use the patterns above, the folders below, along with what you find on your system to determine which dll should be de-registered.

The following files and folders are from Secure Keeper and should be deleted for a manual removal of securekeeper.

%docs%\All Users\Desktop\SecureKeeper.lnk
%docs%\All Users\Start Menu\Programs\SecureKeeper
%docs%\All Users\Start Menu\Programs\SecureKeeper\1 SecureKeeper.lnk
%docs%\All Users\Start Menu\Programs\SecureKeeper\2 Homepage.lnk
%docs%\All Users\Start Menu\Programs\SecureKeeper\3 Uninstall.lnk
%progfiles%\SecureKeeper Software
%progfiles%\SecureKeeper Software\SecureKeeper
%progfiles%\SecureKeeper Software\SecureKeeper\SecureKeeper.exe
%progfiles%\SecureKeeper Software\SecureKeeper\uninstall.exe
%win%\10073z9t-a-virus2ad5.cpl
%win%\10939spam5oz722.exe
%win%\109z5spam5ot39f.dll
%win%\system32\46z9v5r2938.exe
%win%\system32\473zvir1995.bin
%win%\system32\4767dowzlo59er1019.bin
%tmp%\.exe

You may notice again that there are file names that appear to be created at random in the list above. Please use the patterns you see above as well as the actual files you see on your system as a guide for what should be deleted. After this you have almost completed your removal of securekeeper. To make sure that things are thoroughly cleaned I would follow up at this point with a full scan with a tool such as malwarebytes antimalware and a virus scan (trendmicros online housecall or AVG/Avira/etc.)

   Send article as PDF   

Similar Posts