What is hkcmd.exe? Should I remove it?
Hkcmd.exe is an executable file that gets installed together with Intel's driver chipsets
Hkcmd.exe a background process which belongs to machines hat use Intel graphics cards (GPU). It is typically installed with Intel 810 and 815 chipset graphic drivers for Windows XP, 2000, Vista, and 7 (since Windows 8, the process name was changed to Igfxhk.exe) and located in C:\Windows\System32 folder.
Hkcmd.exe is launched with every system start and allows users to access Intel's Graphics Controller by using hotkeys that can be predetermined. Therefore, those who use the keyboard shortcuts for controlling their computers are advised to leave the process running. Nevertheless, Hkcmd.exe hotkey interpreter can be easily disabled, and the associated Graphics Media Accelerator application uninstalled if its functionality is not needed.
Hkcmd.exe, being legitimate process from Intel, should not create associated problems to users. However, just as many other executables, it can be copied, intercepted, or replaced by malware – TrojanDownloader:Win32/Unruy.C being one of them. Trojans are extremely dangerous, as they can allow attackers to take over the host machine remotely and execute various commands, such as data-stealing or uploading of other malware.
|Functionality||Allows hotkey control of Intel's Graphics and Media Control Panel|
|Newer versions||Starting from Windows 8, the process was replaced with Igfxhk.exe|
|Is it safe?||In some cases, malware can be masquerading as Hkcmd.exe process|
|Malware infection symptoms||The process is not located in System32 folder|
|Termination||Remove malware with the help of security tools like RestoroIntego or SpyHunter 5Combo Cleaner|
It is not uncommon for different malware developers to use names of the legitimate system processes or files to conceal their malicious creations and allow them to run on the infected system undetected for as long as possible.
Most of the less experienced computer users do not know how to separate malicious executables from genuine ones. However, making sure Hkcmd.exe is legitimate is easier than one might think – you should simply check the location of the file. Here's how to do it:
- Launch Task Manager by pressing Ctrl + Shift + Esc
- Scroll down to locate Hkcmd.exe process
- Right-click and select Properties
- You should see the location of the file in the General tab.
Other symptoms of malware infection include high CPU usage, several Hkcmd.exe processes running at the same time, program/system crashes, general slowness of the computer, etc. Finally, you should also be extremely concerned if you are not using Intel software. However, the best way to check if your machine is not affected by a malicious Trojan is by scanning it with reputable security application, such as RestoroIntego or SpyHunter 5Combo Cleaner.
In most of the cases, users get infected with malware when downloading pirated software or applying cracks, opening spam email attachments, not protecting their system with security software and other methods. Unfortunately, but a malicious version of Hkcmd.exe might be running on the system for months or even years before it is detected.
Therefore, it is important to remove Hkcmd.exe before it can cause significant damage. Money loss, other malware infection, data loss, file corruption, and even identity theft – all can be the result of a Trojan silently working behind your back.
Nevertheless, please do not rush to perform Hkcmd.exe removal simply because it is running in the background – if the process is legitimate it does not pose any type of danger to the computer or your own safety. If you want to terminate it regardless, you should check the removal section of this article below.
Malicious files can be injected to your PC in various different ways
Malicious actors use a variety of malware distribution methods – some are simple, while others are more sophisticated. Distributing viruses in several different ways allows hackers to spread the infection to as many people as possible, resulting in more profits or other goals that they might seek.
Possibly one of the most primitive, but very effective malware distribution method is spam emails. Hackers insert the malicious payload into obfuscated files that they attach to phishing emails and then use social engineering to make users open the attachment. To prevent that, make sure to check these points:
- Do not allow any attachment to execute Macro commands – you will be asked by a document to do so. If you do, it will trigger script commands to download the malware and insert it into your PC instantly – you will not notice anything out of the ordinary;
- Check the body text – look for spelling/grammar errors, unusual requests, etc.;
- If a link is embedded, mouse over it, and you will see the read redirect address at the bottom left of your browser;
- The message creates a sense of urgency or threatens with consequences.
Additionally, you should also never download pirated software/cracks, install anti-malware software, enable the firewall, use strong passwords, install ad-block and make sure that all your applications and along with the OS are updated regularly.
Hkcmd.exe removal instructions
In case you come across the file in the predetermined location, there is nothing you should worry about. You will only have to remove Hkcmd.exe from your computer if it has appeared on it as a result of a malware infection. Luckily, running a full system scan with antivirus software should sort the problem out.
Nevertheless, if this process is still causing you problems though it is not malicious, you can disable it by going to your Control Panel → Intel Extreme Graphics → Hot Keys. When on the Hot Keys folder, turn this option off.
Remember, if you perform Hkcmd.exe removal of a legitimate version, you will corrupt the associated application, and it will not be able to start correctly.
- ^ What is a Trojan Virus?. Kaspersky. Official security blog.
- ^ Software Cracks: A Great Way to Infect Your PC. Krebs on Security. Security site.
- ^ Ana Dascalescu. Analysis: How Malware Creators Use Spam To Maximize Their Impact. Heimdal Security. Official blog.