Readers like you help support MUO. When you make a purchase using links on our site, we may earn an affiliate commission. Read More.

I had my computer scanned by Malwarebytes and I got the following results:

Vendor: RiskWare.tool.ck

category: File and Memory Process

Item: c:\Windows\kmservice.exe

So does anybody know what is RiskWare.tool.ck?

Is it dangerous for my computer?

Why didn't Spybot report it?

Noone
2012-04-14 17:54:00
You got the best answer..Thanks 
Aibek
2011-10-30 05:00:00
Thanks for the comment.Could you please take a screenshot of that warning message you get from McAffe and send it over to us.I just checked the download again and it's definitely appears as clean. Also, checked the file on:VirusTotal, http://www.virustotal.comJotti Virus Scan, http://virusscan.jotti.org/en-gbboth showed no alert.Aibek
MAKEUSEOF VIDEO OF THE DAY
SCROLL TO CONTINUE WITH CONTENT
Monkeycmonkeydo
2011-10-29 16:15:00
Ok here's the scoop so far...I forgot to run Hijackthis last night and if I had I would have noticed a little sleeper bugger that seems to be plaguing ppl in Microsoft Office, redirector urlredir.dll. I did go to the site and try downloading again got the same, but after I'm done with this adventure and not being redirected I'll try again. My apologies if I made a hasty comment/statement .... just keepin' in real.
Aibek
2011-10-29 13:36:00
http://virusscan.jotti.org/en-gb/scanresult/f5295889397247a5df470173ba804f0de127fe1b
Monkeycmonkeydo
2011-10-29 15:28:00
u wanna talk cause i was so tired after that i went to bed just got up because I couldn't believe myself especially this morning after looking into some pages re: ur business
Monkeycmonkeydo
2011-10-29 15:35:00
Like I said last night, I'm not here to make trouble for anyone and you know the older I get the more I realize the less I really do know. I did not take any screen shots last night and I just looked at McAfee I sent a whole bunch of stuff that I had forgotten to deal with in Quarantine so there isn't anything in there. I'm going to the site right now because I really would like to have some real-time protection along with everything else I have that allows me to do battle. If I can reproduce last night's event I'll let you know.
No
2011-10-27 09:17:00
as soon as i ran this keygen, my mom died
NotForSell
2011-10-28 06:25:00
Your mom died... Seriously.... You are fking ignorant...
Guest
2011-11-02 17:32:00
It's a joke son, it's a joke.
Pahjalik
2011-10-21 04:46:00
So the final result is??  ---   No one knows!  Lots of free advice but remember what you paid for all that free advice and equate the value.  It's 50/50 they're either right or wrong.
Mr.Berns
2011-10-13 13:17:00
Mine got flagged as well, but i use mine for legitimate reasons. I have an XP VM template that I use to deploy and the program i use to change the default key to a purchased key ( i used an OEM license XP to create the template) is XPPID, which tells you up front that it uses this peice of software.  So, other than downloading some traffic monitoring software to see what is going out from your PC (wireshark) i would say its a false positive.  Though just as many have suggested, i would not use it as an ilegal keygen. 
Captain_flemme
2011-09-13 00:17:00
Hello,i have another solution. if you need the key to make your soft working but you don't want to take a risk, launch it in a sandbox like sandboxie. you get the key a virus or anything else don't have access to your system !!!Hope it helped
DarkSyd
2011-08-03 02:39:00
I get this "False Positive" from a .tmp file that keeps generating itself. Sooooooo....REMOVE IT!!! This kind of action is related to keygen's
ProfessorCalamitoser
2011-07-05 07:52:00
bullsh1t!!!! if u got problem with that 'thing' than dont use it!!! ''And Old Man Said' We Live Our Live,Our Life is For a CraCker'...
Christopher Royall
2011-06-20 07:30:00
OK, to actually answer the question: "What is RiskWare.tool.ck found by Malwarebytes?":Malwarebytes flags anything that has the word patch either in it's name or code or folder name.  Let's break down the name:  Risky: involving the possibility of something bad or unpleasant happening : involving risk, Tool:  something that helps to get or achieve something, does a job or activity.  CK:  Might refer to the company or group that made the patch, but really not positive on that one.Now, let's ask ourselves, why might Malwarebytes find this code to be malware/spyware?  Hmm, Do you really believe that these large consortiums of people/programmers out there, such as the 'Crude Team', are just spending hours of time to create these patches and keygens and give them away through torrents out of the kindness of their hearts?  Obviously, their making money on this, and since you can download most of these for free through various torrent groups, then one must ask how are they making money on these?  One example would be, create a patch that once ran, stay running till the computer is restarted, or just keeps running all the time, hidden within another program, that records all keystrokes entered into your computer, ie:  Credit Card numbers, with expiration dates and Back of Card codes.  Send them over the internet intermittently while the computer is idle, or in small enough increments to avoid being noticed.  Wham, Bam, Thank you Ma'am, You just got $5000 credit card slam.  How about if it just gets your log-in information for websites such as Netspend, Paypal, Netflix, etc.  Starting to get the picture anyone?  You got a $150 package for free, yes, and down the road, maybe not in the next day or so, but sometime down the road, all of a sudden, you find out someone opened a credit card in your name, ran it up to $10,000, and now, it's going to take you a heck of a lot of money to get that cleared from your records.That all being said, you might want to rethink this thing.  Remember, it never pays to covet your neighbors property.  What does that mean?  It means, you want what your neighbor has, but don't feel you should have to pay to have it, even though they did, or they created it and feel that is what is worth.  Finally, if the government gets their way, and they probably will on this, anyone that has even downloaded these patches, key generators, or pirated software, will be facing fines that are at least 5 times the amount of the actual cost of the software, and quite/most likely prison time.
Ufy95788
2011-12-26 01:33:00
We're now 6 months in, so I wonder if your prediction came true. You know, the part where you said everybody who downloaded a keygen gets prison time.Quit posting noob. Not every crack hosts spyware. 
Gord
2011-06-10 13:52:00
In my case it was an activator for MS Math
Mronga49
2011-05-31 23:12:00
Depending on what’s in the exact file you have will determine what it is, for example I also have a false positive for a keygen app. I have no doubt that this is not a virus,100% certain it got flagged cuz it is seen as something bad i.e. cheating adobe outta money cuz this is what it does.OFC you must be aware cuz there are many such "tools" out there but IMO it all aint bad, it’s just bad for the company that doesn’t get their money. Hmmmm is that really a bad thing? On the other hand are we talking about a legal or a moral issue, or does it matter? IMO its an individual choice, for the most part all these guys sell us a product that is still in the R&D stage but they don’t have a problem selling it to us, so some say they don’t have a problem taking it either. You do the math and get all the info you can and then do what ur comfortable with.BTW I know someone that uses a computer that has a lotta malware and viruses but he is aware and says it suites his needs and he has nothing on the puter that can cause him a problem.(except a bot stealing his bandwidth maybe) Have fun, enjoy, and don’t take things so seriously,nobody will care a hundred years from now....... Hmmmm in fact most don’t even care right now.LOLMIKLO
Phil
2011-05-10 15:06:00
My Microsoft software is all totally legit, and Malwarebytes found it on my laptop, too.
Iha
2011-04-13 19:05:00
Just enjoy! we have to live with many viruses which as 1st step Windows by itself is a spy system! So, what the point for some malware, or what so ever?
chuck norris
2011-03-29 08:16:00
this virus helped me download a software for free. so, even though it is regarded as a bad thing. i am going to keep it because im using the software and it's been helping me more.
Juan Mariconne
2011-03-28 14:23:00
folks, if you really need the software, or use open source - open office, it can read microsoft data format.elsepurchase the student editionFinallypurchase legit license of anti-virus softwareRecently - microsoft securitys essential did not catch a virus / malware whichhosed my windows 7 desktop===========>also avoide pop-up especially this firm AntiVirus 2011<=============they bonked my machine last yearI formated hard drive to get rid of it-
Sikkwolf
2011-07-30 17:53:00
Shut the fuck up.
Jmorphett
2011-03-01 11:38:00
Wow. I laughed. The OP did ask: So does anybody know what is RiskWare.tool.ck?And no one actually gave an answer. They just spewed out a 'I have no idea, remove it anyway' generic response. It's a false positive telling you that there isn't anything actually wrong with the file but it's associated with a 'bad thing'. ie pirating. So it is bad anyway. Golf claps to the posters here that just spew...
Canadian Guy
2011-08-28 14:50:00
anyone else in this boat that wishes to use keyfinders maker etc can easily download sandboxie for free install it and open these 'Questionable Source tools" safely by right clicking on them and opening in sandbox. it's like a little virtual sandbox that keeps things from infecting your system. restrict the use of virus's and malware by working smart not working hard.
Quiet_one31
2011-10-16 15:09:00
I agree with Jmorphett. c:Windowskmservice.exe is safe. Yes, it is a Office 2010 activator, but it's quite safe.It has been submitted through Virustotal and they found it to be safe.The only thing this service does is provide a service that acts as a license server.
Fulano X
2011-02-21 16:33:00
I found this malaware in keyfinder.exe too
Frederickemanuel
2011-01-14 23:31:00
You should let Malwarebytes remove the infection. Spybot may have missed it because, well, that's the way things work. Tens of thousands of infections are issued every single day, and even when reputable developers work hard to find and remove infections, NO single piece of software can claim to find all of them all of the time. So you did right by running multiple security solutions. Follow what they tell you and I hope you're able to rid yourself of the infection! In addition to Malwarebytes, you might want to try a scan with SUPERAntiSpyware (www.superantispyware.com) and see what it finds. Between the two programs, I'd trust what they tell you.
Aibek
2011-01-18 09:14:00
i second Fred on using multiple malware removal tools, see http://www.makeuseof.com/pages/best-windows-software#malware
Richard Carpenter
2011-01-14 13:57:00
Lot of these tools that can download for free, are making the person on the other end wealthy. Most of this software is spiked with Malware, when you open it... your infected.
2011-01-14 07:39:00
Hidid you use a pirated activator for office 2010? that’s it.You will need first to stop this service in the task manager and then go to the folder and delete the file.