How to Remove KeepCop | Keep Cop Removal Guide



KeepCop is yet another of those rogue antivirus applications that seem to be such a plague on computer users today. These rogue security applications usually installed without permission, or by means of trickery claiming to be a video codec or flash player update. Further they will start out on your computer by creating many new files in C:Windows and c:WindowsSystem32. They will then come back and scan these files and claim they have viruses. It’s basically a scam. They will find problems on any machine. Read on for how to remove Keepcop.


First off, I would go to the control panel and make use of the add/remove programs icon and try to uninstall keepcop. If it works it will make things much easier. Even if it DOES work to uninstall it you should install, update and run a scan with malwarebytes antimalware and then follow that up with a trusted antivirus product scan. This can be an online scanner like trendmicro’s housecall or it could be another trusted antivirus like avg or avira/etc.

If this hasn’t rid you of keepcop you should go ahead to the virus removal toolkit page and download a copy of malwarebytes antimalware. While you are there you may also wish to download process explorer. You may need it a bit further in the clean up process.

You may wish to go ahead and block keepcop.com to prevent further infections.

If you are unable to install malwareybtes you have a few possible options. 1) you may try renaming mbam-setup.exe to something else like iexplore.exe and retry the install, then update and scan. 2 ) reboot into safe mode with networking and then retry the installation of mbam. 3) Follow the next step which involves killing off the running processes associated with KeepCop. After that you can retry the install, update and scan with malwarebytes antimalware.

The following programs are associated with KeepCop and should be killed off using the task manager. If you are unable to launch the task manager you may try the following tricks. 1) copy and paste the taskmgr.exe executable to the desktop. Once there, rename it to something else (firefox.exe) and then retry launching it. 2) reboot into safe mode and see if the following files are running in memory. 3) Use process explorer to kill off the following processes:

302z0spam9ot5a3.exe
KeepCop.exe
uninstall.exe

The above filename may have a random component to it. Use the information above, the files listed below and what you see on your system to help you decide which files are associated with this rogue.

The following files and folders should be deleted for a manual removal of keepcop.

%docs%All UsersDesktopKeepCop.lnk
%docs%All UsersStart MenuProgramsKeepCop
%docs%All UsersStart MenuProgramsKeepCop1 KeepCop.lnk
%docs%All UsersStart MenuProgramsKeepCop2 Homepage.lnk
%docs%All UsersStart MenuProgramsKeepCop3 Uninstall.lnk
%progfiles%\KeepCop Software
%progfiles%\KeepCop SoftwareKeepCop
%progfiles%\KeepCop SoftwareKeepCopKeepCop.exe
%progfiles%KeepCop SoftwareKeepCopuninstall.exe
%win%\105019pambotzde.ocx
%win%\10527ziru9465.dll
%win%\105z9ir12765.ocx
%win%\system3230059viruz4f9.cpl
%win%\system3230077vir5zf9.dll
%win%system32302z0spam9ot5a3.exe
%tmp%RANDOMNAME.exe

Some of the file names above may contain random characters and will differ from system to system. Please use the examples and patterns you see above and what you find on your system to decide which files you need to remove. Even if your manual removal of Keepcop goes very well you will still likely have other leftovers so I would recommend that you download and scan with malwarebytes or superantispyware anyway to make certain that your system is clean. After that you should followup with a scan from a trusted antivirus application (online scan from trendmicro would be okay or something like AVG/Avira)

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove AntiAdd | AntiAdd Removal Guide AntiAdd is a rogue antivirus application. It is installed via trojans that claim to be video codec or flash player updates and then once installed on the system it will claim to be scanning your computer and discovering all sorts of viral infected files. In addition to this it may......
  • How to Remove SysDefence | Sysdefence Removal Guide Sysdefence is another rogue antivirus application from the wini family. This family of rogues has been quite prolific lately and typically is pushed on computer users through aggressive trojans that will appear on web pages masquerading as an update for flash player or a video codec for a video that......
  • How to Remove SecureKeeper | Secure Keeper Removal SecureKeeper is a rogue antivirus application in the Wini family (with their recent new look user interface.) The Wini family is a very long running line of rogue security applications that have been producing two to three different rogues each week. Of course, the primary changes are the names, but......
Blog Traffic Exchange Related Websites
  • DIY: Replacing front lower control arm bushings Tools: Jack Jackstands 16mm socket 18mm socket 10mm socket 10mm box wrench Socket wrench Vice Drill Hammer 1/4" Drill bit Chassis grease (if the new bushings didn't come with any) Step 1: Break the front lug nuts loose (just get them started) Step 2: Jack up the front end of......
  • How to Install Kitchen Cabinets Installing new kitchen cabinets is a great way to give an old kitchen a facelift. In addition to being more useful, new kitchen cabinets can add value to your home and make it look a lot nicer. Before we get started, let's make sure you have all the tools you'll......
  • How Do I Check My Federal Income Tax Return Status? If you have received your W-2's and are anticipating a Federal income tax refund, it is important to file your taxes as early as possible to receive your refund quickly. In today's economic crisis, American's are awaiting tax time to receive funds that have been held by the government for......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site