How to Remove KeepCop | Keep Cop Removal Guide



KeepCop is yet another of those rogue antivirus applications that seem to be such a plague on computer users today. These rogue security applications usually installed without permission, or by means of trickery claiming to be a video codec or flash player update. Further they will start out on your computer by creating many new files in C:Windows and c:WindowsSystem32. They will then come back and scan these files and claim they have viruses. It’s basically a scam. They will find problems on any machine. Read on for how to remove Keepcop.


First off, I would go to the control panel and make use of the add/remove programs icon and try to uninstall keepcop. If it works it will make things much easier. Even if it DOES work to uninstall it you should install, update and run a scan with malwarebytes antimalware and then follow that up with a trusted antivirus product scan. This can be an online scanner like trendmicro’s housecall or it could be another trusted antivirus like avg or avira/etc.

If this hasn’t rid you of keepcop you should go ahead to the virus removal toolkit page and download a copy of malwarebytes antimalware. While you are there you may also wish to download process explorer. You may need it a bit further in the clean up process.

You may wish to go ahead and block keepcop.com to prevent further infections.

If you are unable to install malwareybtes you have a few possible options. 1) you may try renaming mbam-setup.exe to something else like iexplore.exe and retry the install, then update and scan. 2 ) reboot into safe mode with networking and then retry the installation of mbam. 3) Follow the next step which involves killing off the running processes associated with KeepCop. After that you can retry the install, update and scan with malwarebytes antimalware.

The following programs are associated with KeepCop and should be killed off using the task manager. If you are unable to launch the task manager you may try the following tricks. 1) copy and paste the taskmgr.exe executable to the desktop. Once there, rename it to something else (firefox.exe) and then retry launching it. 2) reboot into safe mode and see if the following files are running in memory. 3) Use process explorer to kill off the following processes:

302z0spam9ot5a3.exe
KeepCop.exe
uninstall.exe

The above filename may have a random component to it. Use the information above, the files listed below and what you see on your system to help you decide which files are associated with this rogue.

The following files and folders should be deleted for a manual removal of keepcop.

%docs%All UsersDesktopKeepCop.lnk
%docs%All UsersStart MenuProgramsKeepCop
%docs%All UsersStart MenuProgramsKeepCop1 KeepCop.lnk
%docs%All UsersStart MenuProgramsKeepCop2 Homepage.lnk
%docs%All UsersStart MenuProgramsKeepCop3 Uninstall.lnk
%progfiles%\KeepCop Software
%progfiles%\KeepCop SoftwareKeepCop
%progfiles%\KeepCop SoftwareKeepCopKeepCop.exe
%progfiles%KeepCop SoftwareKeepCopuninstall.exe
%win%\105019pambotzde.ocx
%win%\10527ziru9465.dll
%win%\105z9ir12765.ocx
%win%\system3230059viruz4f9.cpl
%win%\system3230077vir5zf9.dll
%win%system32302z0spam9ot5a3.exe
%tmp%RANDOMNAME.exe

Some of the file names above may contain random characters and will differ from system to system. Please use the examples and patterns you see above and what you find on your system to decide which files you need to remove. Even if your manual removal of Keepcop goes very well you will still likely have other leftovers so I would recommend that you download and scan with malwarebytes or superantispyware anyway to make certain that your system is clean. After that you should followup with a scan from a trusted antivirus application (online scan from trendmicro would be okay or something like AVG/Avira)

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove SysDefence | Sysdefence Removal Guide Sysdefence is another rogue antivirus application from the wini family. This family of rogues has been quite prolific lately and typically is pushed on computer users through aggressive trojans that will appear on web pages masquerading as an update for flash player or a video codec for a video that......
  • How to Remove TheDefend | TheDefend Removal Guide TheDefend is a rogue antivirus program that is one of the latest incarnations of the wini family of rogues. It will introduce itself onto your system through aggressive advertising claiming to be a video codec update or flash player update that may be required to see a highly sought after......
  • How to Remove AntiAdd | AntiAdd Removal Guide AntiAdd is a rogue antivirus application. It is installed via trojans that claim to be video codec or flash player updates and then once installed on the system it will claim to be scanning your computer and discovering all sorts of viral infected files. In addition to this it may......
Blog Traffic Exchange Related Websites
  • CounterSpy Guide CounterSpy is actually a 5 star rated anti-spyware program that you simply can’t afford to get without. A number of quality anti-virus/anti-spyware programs can be obtained, and CounterSpy is just one of several top quality utilities I’ve tested, and strongly recommend. However, it’s not the only good utility for defending......
  • How to Install Kitchen Cabinets Installing new kitchen cabinets is a great way to give an old kitchen a facelift. In addition to being more useful, new kitchen cabinets can add value to your home and make it look a lot nicer. Before we get started, let's make sure you have all the tools you'll......
  • MediaMonkey Review On the subject of music players, there are more over a few names to pick from. With the heavyweights like Media Player and JetAudio Basic 8.0.14 to prospects light on resources and at the top of configurable options like Foobar. MediaMonkey fits somewhere at the center but offers some very......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site