Home Blog

Kepsy Worm – How to Remove Kepsy completely from PC

Posted by in Blog Worm
on February 1st, 2013 | Leave a comment

Kepsy is a kind of worm virus that is able to copy itself as many as possible to infect removable drives and network shared files. It will scan for usb drives and then create malicious files folders on it. Meanwhile, it creates a copy of itself on the compromised computer and disguises itself as a legitimate system file. Kepsy can run at windows start up by adding related registry entries and can restore itself when corrupted.

When a new USB devices is connected to a compromised computer, Kepsy can detect it sensitive and then immediately infect it. Kepsy replicates itself to the drive as an executable file using the same name as a folder on the drive, without an extension. Kepsy also uses an icon that makes the file look like a folder. The name, lack of an extension, and the use of the folder icon are all created to trick computer users into thinking it is actually a folder, hoping that they will attempt to ‘open’ that folder, and instead accidentally run Kepsy.

How to remove Kepsy Worm manually
If you know how to locate malicious files and modify windows registry, you can try to remove the worm manually. If you are not very skillful, you may damage the computer by deleting a wrong file or registry entry. Here is how to remove Kepsy Worm manually.
Step1. Run task manager and then kill the process
RVHOST.exe
If you can not end the process, try to enter Safe Mode
Step2. Delete following files

%WinDir%\RVHOST.exe
%System%\RVHOST.exe

Step3. Run registry editor and then delete Kepsy Worm registry entries

[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]
“Yahoo Messengger” = “%System%\RVHOST.exe”
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
Shell = “Explorer.exe RVHOST.exe”
[HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System]
DisableRegistryTools = 1
DisableTaskMgr = 1

After the three steps, you should be able to get rid of Kepsy Worm. If you are not experienced enough to take manual method, you should use a security program to remove the worm automatically.

What is the most effective way to remove Kepsy
When the worm is rapidly reduplicating itself, it is really necessary to wipe it off as soon as possible. If you do not have enough pc skills and knowledge, it is no need to waste time on trying manual way. A virus removal program can remove the worm quickly. And it is also a safe way to get rid of Kepsy. We notice that more and more pc user equip their pc with a security program and some even have more than two. When a security program can not remove a kind of virus, you need to download another one to protect the computer. If you want a Kepsy removal program, you could have a look at Spyware Cease. I believe you will get a satisfied result after running a scan.

Comments are closed.