MS antivirus detected a malware called AUTOKMS that F-Secure didnt detected! Why not?

It krasched my Win 10 and created problems for me. Why?



  • Ukko
    Ukko Posts: 3,611 Superuser



    Based on Microsoft page:



    ""It can be used to "crack" or patch unregistered copies of Microsoft software""



    And as potentially point that crack (probably can be for another software too) can be with malicious payload.


    Anyway... F-Secure time to time can be "not aggresive" about crackers/patchers/hacktools (mainly about situation.. when this is do not comes with malicious payload). Because partly this is "safe".


    In your situation I can to feel about some of steps (if detected file known for you and you able to understand how it get to your system):


    --> Transfer this file for F-Secure SAS:

    For proper understanding.. why there is missing detection.


    --> Re-check points under F-Secure installation.

    If there something as F-Secure SAFE/F-Secure Internet-Security:

    Can be helpful: open Main UI of F-Secure, choose "Settings" under main UI;

    There should be settings for "Manual Scanning" - where you able to re-check settings about "scan compressed files" and "advanced scan" (to "check"-status); and optionally "uncheck" option "scan just known types".


    And re-run full scan (by Main UI -- Tools-tab -- Choose Scan settings --> Full Scan) or just re-scan this file (maybe F-Secure will detect this... with "advanced scan" settings, which usually can to increase f/p detections).


    Sorry for my reply. 

  • Ingenjorn
    Ingenjorn Posts: 2 New Member

      Strange.  All Microsoft is legal even outlook 2016 that I bought recently. All these programs was gone and has to be downloaded from Ms. 

    My f-secure safe doesn't have the feasibility that you mentioned above.


  • Ukko
    Ukko Posts: 3,611 Superuser



    How I can to understand this detection can be for crack/patch/hacktool to another software too (if for crack/patch something at all).


    But also when you mean MS AV... does there Windows Defender? And if yes (or not) - how detection (prompt?) comes for you? And also if there is possible.. maybe you able to open Microsoft AV UI and settings about Quarantine (to re-check... if there will be information, which file is "removed/detected").

    And maybe this is "valid" or know application for you (which can be installed randomly or like "payload" with another software... something like adware; or something else)? And will be more visible.. about something else (but anyway... maybe this information can be more helpful for F-Secure Support - if there should be detection, but did not come; Or just for F-Secure SAS... where they able to do analysis for this file).


    Also basically.. if F-Secure SAFE work together with Microsoft AV at real-time scanning (protection).. there is can be some potential mistake between them.


    Sorry for my reply.

This discussion has been closed.
Pricing & Product Info