Hi Joe,
Here's more inforation about that possible threat: http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=HackTool%3aWin32%2fKeygen.
Sep 13, 2012 This thread is locked. You can follow the question or vote as helpful, but you cannot reply to this thread. Hacktool:win32/keygen Have removed and or quarantined this virus several times using MSE and it returns even although I deleted the program that contained.
Windows Defender detects and removes this threat. This tool generates software keys. Malware is often installed along with this tool. Microsoft security software finds malware on more than half of the PCs where we detect this tool. Sep 22, 2018 Hacktool Win32 Keygen, in particular, is a new addition to this feared malware category and, according to the latest analyses, is among the most advanced threats that you could get your machine infected with.
![Nedir Nedir](/uploads/1/2/6/4/126428670/603668778.png)
Download Revo Unininstaller: http://www.revouninstaller.com/revo_uninstaller_free_download.html and use it in Advanced Mode to uninstall and remove hacktool win32 keygen (which should be installed as a program). Be careful when deleting the suggested items in the registry and the programs files to make sure you only check those that apply to the program and nothing else. It is typically very good at presenting what to select, but sometimes (rarely) it does include something you'd rather not delete so be careful and make sure you confirm the items to make sure they are related before you check them.
If that doesn't work, proceed as follows:
To be honest, I'd probably skip to the end and post for help to one of the recommended free malware-removal forums for expert help - but if you want to try some things on your own, here's what I recommend (trying Safe Mode with Networking if normal booting won't work - otherwise if that too doesn't work, skip to Windows Defender Offline below or again, go directly for expert help which is what even I'd do if my computer was that locked up).
Use Disk Cleanup to remove all temporary internet files and all Windows temporary files (and anything else you feel comfortable cleaning up in the process). Then, to be sure, download and use Old Timer TFC to truly get rid of all temporary files:http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/.
Reboot and empty the Recycle Bin.Then update and run a full scan with the updated MSE (or whatever real-time AV program you are using).
Even if that comes up clean, if you want to be more sure, try the following programs if you haven't as they may help (if we know the malware involved, we may be able to pare down the list, but for now if you want to avoid expenses (all are free) and without knowing what we're dealing with, it's best to try them all - one may be the one that does the trick or if you have more than one infection, it could easily take more than one scan to resolve things).
I recommend you download, install, update, and run full scans with Malwarebytes:http://www.malwarebytes.org/ and SuperAntiSpyware:http://superantispyware.com/ and Spybot Search and Destroy:http://www.safer-networking.org/en/spybotsd/index.html. Then run a full ESET online scan:http://www.eset.com/us/online-scanner. I'd also try Microsoft Safety Scanner:http://www.microsoft.com/security/scanner/en-us/default.aspx and TDSSKiller:http://support.kaspersky.com/viruses/solutions?qid=208280684. The more you do, the better the chances are you'll catch anything and everything that infected you.
Try Windows Defender Offline to see if it helps in case it's a rootkit or you can't access the system by normal means. You probably should create and update (if needed) the disk/USB on a different and clean machine rather than the infected one. The best instructions are this tutorial:http://www.sevenforums.com/tutorials/166445-windows-defender-offline.html
Properly and completely removing some infections can be complex and often require manual removal procedures (which may or may not be entirely effective either). But not knowing here doesn't offer much help in terms of locating reliable removal sources.
![Hacktool:win32/keygen Hacktool:win32/keygen](https://www.vir.us.com/wp-content/uploads/Hacktool.win32Keygen.jpg)
Start here if using MSE - https://support.microsoftsecurityessentials.com/ and select the link that says - I think my computer is infected. Options will vary by region, but phone support leads you to Microsoft Answer Desk (http://www.answerdesk.com/) in the US at this time. After an initial free consultation, a fee will be charged for assistance, based on the details of the case.
In other regions not served by the link above or if not using MSE, go here:http://Support.microsoft.com/security and go to the “assisted support” or contact us menu.
If you find that too costly, some free malware-removal forums (which take much longer - both to get someone to respond and then to go back and forth working the problem, are forum-based, depend a great deal on the 'luck of the draw' concerning who gets assigned to your case, and are not guaranteed, and often do not include repairs to damage but just removal of the infection -but your symtoms seem more like a redirect infection than damage to me, but I've seen them help a lot and I've seen them not help much at all - and suspect it has more to do with the person assigned than with the sites themselves) include:
http://www.bleepingcomputer.com/forums/forum79.html (this would be my first choice)
I hope this helps.
Good luck!
Kosh
HackTool:Win32/Keygen Description
HackTool:Win32/Keygen is a malicious tool that generates keys (special codes) for illegally-obtained versions of various software products. HackTool:Win32/Keygen may initially seem beneficial but it does pose a threat to PC security as it may cause system malfunctions.
Hacktool:win32/keygen
HackTool:Win32/Keygen may put a computer user at risk of using software that is illegally registered. Because the HackTool:Win32/Keygen infection could generate the code to register warez or software that was never purchased, the programs may run without essential updates causing further software issues. Failing to eliminate HackTool:Win32/Keygen may put the administrator or registered computer user at risk for performing illegal activities.
Aliases
possible-Threat.Hacktool.KMS [Ikarus]Win32.Trojan.Agent.ET9SBN [GData]Keygen (PUA) [Sophos]Win.Trojan.Keygen-60 [ClamAV]CRCK_AUTOKMS [TrendMicro-HouseCall]Win32/HackKMS.A potentially unsafe [ESET-NOD32]Trojan ( 001946171 ) [K7GW]Generic PUP [McAfee]HackTool.Keygen.r3 (Not a Virus) [CAT-QuickHeal]not-a-virus.Keygen.FineReader [Ikarus]
More aliases (1281)
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to HackTool:Win32/Keygen may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 %USERPROFILE%DesktopUNLOCK_HTC_TP2-5.EXE 300 2 E:instalkiavastKeyGen (FFF).exe 297 3 %APPDATA%Adobe_CS5.5_XFORCE_Keygen1.exe 287 4 %USERPROFILE%Documentswin 8 act7TKKMSA v1.5.1 - 7pmTech.com.exe 284 5 %USERPROFILE%Local SettingsApplication DataInstall.exe 281 6 %USERPROFILE%DownloadsNero 9Nero-9.4.26.0b_23_March_2010Nero9.Keymaker.5.55.By.Betamasterkeymaker.exe 281 7 E:xf-a2011-32bits.exe 256 8 E:DownloadRAC.Remote.Administrator.Control.v3.3.1.Incl.Patch-ICUPatchrac.server.3.3.1-patch-icu.exe 237 9 C:ARCHIVOS1ALFREDOantivirusG DATAT.R gdata.exe 231 10 %APPDATA%xf-autocad-kg_x64.exe 222 11 ashampkeygen.exe N/A 12 fltlib.dll N/A 13 Office activator.exe N/A 14 OfficeResetAuto.exe N/A
More files
Hacktool:win32/keygen Nedir
(4 votes, average: 3.00 out of 5)
Threat Metric The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users. The following fields listed on the Threat Meter containing a specific value, are explained in detail below: Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model. Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter. Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count. Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement. % Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage. | ||||
|