
Troj/KeyGen-EV

Posted: February 11, 2011

First spotted early in February of 2011, Troj/KeyGen-EV is a Trojan with illicit security-disabling and traffic-directing properties. Troj/KeyGen-EV may create serious security flaws in your system, install further infections to worsen the damage, allow remote attackers to gain control, or silently record all your personal information. Since the Troj/KeyGen-EV Trojan will usually infiltrate a computer in a surreptitious manner, knowing how to avoid Troj/KeyGen-EV and how to respond appropriately to small cues is important for minimizing potential data loss.

Defining Troj/KeyGen-EV's Infection Vectors

Much like a robber sneaking in through a window, Troj/KeyGen-EV will not explicitly tell you when it is on your system. In all cases, some form of executable file download is required, but this can be assisted by a second piece of malware or more directly enabled by tricking the user into downloading a mislabeled or otherwise misrepresented file. If you've kept your anti-virus scanners updated, they can catch Troj/KeyGen-EV before it installs itself, but software with outdated definitions may not perform quite so well. Unless your security is flawed or other malware is present, there generally will not be a way for Troj/KeyGen-EV to get on your computer without you being aware of it.

Totaling Up the Possible Damage

This Trojan can have quite a small file size, but its potential threat is substantially greater than the space it takes up on your hard drive. Be watchful for symptoms like the following, although you are unlikely to see the same indications of Troj/KeyGen-EV's presence across multiple infections.

  • Troj/KeyGen-EV will use your system memory, hard drive space, and other resources to conduct its own malicious activities. This can bring your computer down to a crawl regardless of whether you're browsing the Internet or just performing normal offline functions.
  • Your web browser is highly likely to be hijacked. You may find error messages blocking you from accessing normal websites, or other interruptions that redirect you to unfamiliar destinations. Destination websites may be out to install more malware or may just want your money or personal information, but they're almost never safe.
  • Information on your computer, particularly information pertaining to online financial transactions, may be recorded and sent out to remote attackers. This will allow criminals to use your computer, your bank account, your credit card information or even your identity for their own purposes. There will be little sign of this happening if it does occur, other than the presence of Troj/KeyGen-EV itself.
  • Troj/KeyGen-EV may toss more malware on your hard drive that can perform even more malicious acts. Stopping this behavior without removing Troj/KeyGen-EV will likely be difficult or even impossible. As long as this goes on, you have no real control over what programs are on your system or what happens to the contents of your computer.
  • You may become overwhelmed by large amounts of advertising delivered in various ways, especially in pop-up form. These ads will typically direct you to dangerous websites when clicked.

Handling Troj/KeyGen-EV's Bill

Currently, removing Troj/KeyGen-EV isn't reported to require any odd hoop-jumping. Be prepared with pre-installed and updated anti-malware scanners, be comfortable with accessing Safe Mode, and above all else be prompt in responding to this threat. Since Trojans such as Troj/KeyGen-EV are highly likely to create gaps in your security that lead to worse infections, delay in necessary responses can be fatal for your machine.
