K2PS.EXE Trojan - Removal

Risk Level 1: Very Low


Discovered: May 12, 1999
Updated: February 13, 2007 11:34:15 AM
Also Known As: Trojan Horse, TX-500
Type: Trojan Horse


If you have not executed K2PS.EXE, simply delete the file. If you have executed the file, follow these steps to clean up your system.

1) Delete K2PS.EXE

2) Delete K2PS.EXE from the \WINDOWS\SYSTEM directory.

3) Delete a hidden file called K2PS.CFG from the \WINDOWS\SYSTEM directory. You will have to clear the "hidden" attribute before you can delete the file, using a command such as "attrib -h -r k2ps.cfg".

4) Use regedit.exe to delete the K2ps.tasks entry (data: C:\WINDOWS\SYSTEM\K2PS.EXE) under the following registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

5) Lastly and most importantly, change your password for all of the dialup network accounts you have registered on your computer. If you do not know how to change your password for the dialup network accounts, you should contact the support center of your Internet provider.
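A read-only check for the indicators named in steps 1 to 4, as an added example that is not part of the original writeup: it lists leftover files in a given system directory and scans a regedit text export for the Run entry. The function names and the sample export are constructed for illustration; the Run key path is the standard Windows one.

```python
import re
from pathlib import Path

# Indicators taken from the removal steps above.
FILES = ("K2PS.EXE", "K2PS.CFG")
RUN_KEY = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run"
VALUE_NAME = "K2ps.tasks"

def leftover_files(system_dir):
    """Return the trojan's files still present in system_dir (case-insensitive)."""
    wanted = {n.lower() for n in FILES}
    return sorted(p.name for p in Path(system_dir).iterdir()
                  if p.is_file() and p.name.lower() in wanted)

def run_entries(reg_text):
    """Parse a regedit text export and return {value name: data} for the Run key."""
    entries, in_run = {}, False
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            # Section header: track whether we are inside the Run key.
            in_run = line[1:-1].lower() == RUN_KEY.lower()
            continue
        m = re.match(r'"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$', line)
        if in_run and m:
            # Undo the export's backslash escaping (\\ -> \, \" -> ").
            name, data = (re.sub(r"\\(.)", r"\1", g) for g in m.groups())
            entries[name] = data
    return entries

def k2ps_autostart(reg_text):
    """Return Run entries matching the value name or pointing at K2PS.EXE."""
    return {n: d for n, d in run_entries(reg_text).items()
            if n.lower() == VALUE_NAME.lower() or d.lower().endswith("k2ps.exe")}

# Constructed sample export (not captured from a real machine).
SAMPLE_EXPORT = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe"
"K2ps.tasks"="C:\\WINDOWS\\SYSTEM\\K2PS.EXE"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
"LoadPowerProfile"="Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"
'''

if __name__ == "__main__":
    print(k2ps_autostart(SAMPLE_EXPORT))
```

An empty result from both `leftover_files` and `k2ps_autostart` after cleanup indicates steps 1 to 4 took effect; step 5 still applies regardless.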

Norton AntiVirus users can protect themselves from this trojan by downloading the current virus definitions either through LiveUpdate or from the following web page: http://www.symantec.com/avcenter/download.html

Writeup By: Motoaki Yamamura