View original (French)

Infected by HackTool:Win32/AutoKMS

Solved
fredo1968 Posted messages 303 Status Member -  
fredo1968 Posted messages 303 Status Member -
Hello,
Windows Defender has detected and quarantined HackTool:Win32/AutoKMS in file: C:\Windows\KMS-R@1nHook.exe

But my PC was already acting a bit strange before that with a lot of slowness, it might need a thorough cleaning

I am attaching the FRST reports

Thank you very much in advance for your help

https://pjjoint.malekal.com/files.php?id=FRST_20180425_e6s9u14m11h7

https://pjjoint.malekal.com/files.php?id=20180425_j15t128l14t5

https://pjjoint.malekal.com/files.php?id=20180425_p8h9g8d7e13

Configuration: Windows / Firefox 59.0

3 answers

Answer 1 / 3
Malekal_morte- Posted messages 178136 Registration date   Status Moderator, Security Contributor Last intervention   24 711
 
Hi,

It's not malicious in itself.
Just some detections regarding KMSPico which is used to crack Windows or Office.
Read here: https://www.malekal.com/kmspico/

You can add it as an exception in Windows Defender, see: https://www.malekal.com/windows-defender-ajouter-exception/

That said, it's not great to try to crack licenses/software.

--
Please press any key to continue the disinfection...
5
Malekal_morte- Posted messages 178136 Registration date   Status Moderator, Security Contributor Last intervention   24 711
 
Unchecky is useless.
You can uninstall it.

CCleaner isn't really useful, even though it's recommended everywhere.
You can also uninstall it.
If you want to keep it, disable CCleaner's monitoring, which is unnecessary, as it starts up with Windows and slows it down with its incessant cleanings. See: https://www.malekal.com/supprimer-ccleaner-demarrage-windows/
0