I have installed avast free antivirus, from official avast site, updated regularly. For the past month or so, I have been having problems and decided to try kaspersky. Installed the free version today, disabled avast and ran the first scan on kaspersky. It reported the following malware / trojan
(full text file attached)
HackTool.Win64.HackKMS.b
Trojan.Multi.BroSubsc.gen
I have been running various types of scans available in avast which have not reported any virus etc. Snapshot of a recent scan report is attached. Firstly I wanted to report to avast about the non-detection. Secondly, in the kaspersky report, it says at one place that disinfection not possible (details given below)
Today, 16-11-2021 19:16:06 C:\Windows\KMS-R@1n.exe Not processed Disinfection not possible HackTool.Win64.HackKMS.b
Now my concern is to clean thesystem and remove this malware/trojan. Any suggestions?
ADDED ON 12/12/2021
On second thoughts, if some virus is already sitting in memory how does avast deal with it?
my advice, try rebooting your computer and then doing another scan with the kaspersky program.
the scan-log showed that it couldn’t remove the infection from memory, which suggest that it was running, which was why it was in memory. when a program is running, it is locked.
hopefully, after rebooting, the malware that was running in memory will be gone. the scan-log showed that the KMS-file itself was removed, so it shouldn’t be running anymore after rebooting the computer (if the KMS file actually was removed). it is possible that something went wrong and the KMS file was not actually removed-since it actually was running in memory, so the file could have been locked, and, so, couldn’t actually be removed.
as for the avast program’s not flagging the KMS file, my guess is that you have the avast program set to ignore the file. as pondus pointed out, KMS files are used for pirating software, so you probably would want the avast program to ignore it, so that you could use it to pirate software.
KMS files are not ignored by antivirus programs. in fact, it is the number one thing that the windows defender antivirus program flags:
(“keygen” files are similar to KMS files in that they also are used for pirating software)
i can tell you, the avast program has a very good detection-rate for detecting malware. over the course of the past 20 years, several times, i have seen the avast program flag malware before any other vendors were flagging it.
no. i just assume that the person deliberately downloaded the KMS program because they wanted to use it, and that they would need to set the avast program to ignore it, in order to be able to use it.