Worm virus + Hacktool

[KevinG4]

Hey everyone . So i had a usb attached to my pc and after 4-5 seconds my Windows Defender popped up saying it had discovered malicious software . I saw that inside the USB was a file of 1GB ( although it's only a 499MB USB stick) and that it had a !Ink ending . My Windows defender identified it as a worm and quarantined the item and then i proceeded removing it completely from the pc and also formatted the USB . Then i run a full scan and Windows Defender discovered a virus called HackTool:Win32/AutoKMS (it was not there before i had the USB attached). It said that it's threat was medium and i again proceeded removing this threat as well succesfully ( or at least that's what Windows Defender said ) . My question is , am i safe now or is there any possibility that something slipped through the cracks and i am at risk ?

 

UPDATE : The HackTool was for a Word/Excel activation file so its good . But what about the Worm virus the Defender detected as soon as i plugged in the USB ? Although i removed it can i be sure that i am ok ? And what potential harm could be there ?

[sissj]

3 minutes ago, KevinG4 said:

Hey everyone . So i had a usb attached to my pc and after 4-5 seconds my Windows Defender popped up saying it had discovered malicious software . I saw that inside the USB was a file of 1GB ( although it's only a 499MB USB stick) and that it had a !Ink ending . My Windows defender identified it as a worm and quarantined the item and then i proceeded removing it completely from the pc and also formatted the USB . Then i run a full scan and Windows Defender discovered a virus called HackTool:Win32/AutoKMS (it was not there before i had the USB attached). It said that it's threat was medium and i again proceeded removing this threat as well succesfully ( or at least that's what Windows Defender said ) . My question is , am i safe now or is there any possibility that something slipped through the cracks and i am at risk ?

If its only 500mb just destroy the USB. Just in case....

[cynexit]

AutoKMS is the description for tools used to activate pirated windows copies, it's not dangerous. If you pirated your windows copy you're fine, if you bought the PC from someone he might sold you a illegal Windows copy and you should try to get your money back.

[lh99]

autokms normally is an windows activation tool if u don´t have a license

 

[RedWulf]

1 minute ago, sissj said:

If its only 500mb just destroy the USB. Just in case....

It probably was just reformatted to read at that to hide the 1gb virus, 2 or 4gb drive most likely.

1 minute ago, cynexit said:

AutoKMS is the description for tools used to activate pirated windows copies, it's not dangerous. If you pirated your windows copy you're fine, if you bought the PC from someone he might sold you a illegal Windows copy and you should try to get your money back.

KMS has been known to be saturated with viruses and adware though

[cynexit]

1 minute ago, RedWulf said:

KMS has been known to be saturated with viruses and adware though

Depends on your source of course. Even your WinRAR version could be backdoored if you downloaded it from some shady website instead of a trustworthy source.

I would also argue that in this case defender should've found a different signature (of actual malware).

[KevinG4]

7 minutes ago, cynexit said:

AutoKMS is the description for tools used to activate pirated windows copies, it's not dangerous. If you pirated your windows copy you're fine, if you bought the PC from someone he might sold you a illegal Windows copy and you should try to get your money back.

 

6 minutes ago, lh99 said:

autokms normally is an windows activation tool if u don´t have a license

 

My windows 8.1 are genuine and not pirated since i am a student in a university and i get it for free. The pc that my USB connected before connecting into mine although must have a pirated version. Is it possible it jumped from there into the USB and then to my pc ?

[cynexit]

3 minutes ago, KevinG4 said:

My windows 8.1 are genuine and not pirated since i am a student in a university and i get it for free. The pc that my USB connected before connecting into mine although must have a pirated version. Is it possible it jumped from there into the USB and then to my pc ?

No. It's an executable file, so someone either copied it over explicitly or wrote a program to "infect" every connected device with free Windows activation files....

 

EDIT: Most likely someone just copied the toolkit on the stick so he could activate another machine and forgot about it.

[KevinG4]

10 minutes ago, RedWulf said:

It probably was just reformatted to read at that to hide the 1gb virus, 2 or 4gb drive most likely.

KMS has been known to be saturated with viruses and adware though

Nah its was not reformatted . It actually is a just 512MB USB stick i have back from 2004 or something

[KevinG4]

2 minutes ago, cynexit said:

No. It's an executable file, so someone either copied it over explicitly or wrote a program to "infect" every connected device with free Windows activation files....

 

EDIT: Most likely someone just copied the toolkit on the stick so he could activate another machine and forgot about it.

So in any case i dont have to worry about this HackTool ? ( I mean like slowing the pc , leaking my personal info and stuff. ) It's completely harmless ? Although even if it was harmfull my Defender removed it succesfully so in any case i guess i am cool ?

[KevinG4]

Alright so UPDATE to the post . The HackTool was actually located in a folder for Microsoft Word/Excel etc. which i had downloaded from Kickass. So i guess that its completely safe and i dont have to worry. But what about the worm virus that the Defender detected when i plugged in the USB ? I mean it quarantined it and then i removed it from the system but has it really gone ? Is there any way i can double check ?