Did you double check if pulsway is headquartered anywhere outside of US? Or who its CEO or officers are? I'm curious. With Kaspersky gone, we need to be careful with ALL downloads.
See, in 2022 I got redline stealer. Then I removed it and reset my device and changed passwords and enabled 2fa, but 2 months after it's almost like the session hijacked me and they also changed my password for some of them, and it shows they changed my gmail password on my iPhone, which was impossible, but then every email I made after the infection never had any of this happen.
First time viewer of this channel, only thing I could say is; the presentation is great. Could be better though, you make reference to people doing their own detection twice. Could be helpful to maybe mention a few easy techniques eg…. task manager
Hey, im pretty new to this channel. Did you do a video on what you personally use to check files, what virtual machines do you use or i guess what you would use on a day to day basis to do random stuff and downloading ? I feel like i'm something getting a bit paranoid when it comes to antiviruses, passwords managers, where to save files etc
💡that was insightful and awesome🔥 so what are the best options to avoid them? aside from "know what you are doing" type of recommendations. Physical firewall? LINUX with hardening? BSD? and how is BSD secure in comparison? it's a unix like just like Mac OS so do they get affected by same malwares? thanks for your wonderful videos 🙏🏻
For most typical users, it's sufficient to just do 2 things: (a) block all ads, everywhere, and (b) don't click links or attachments in emails. There is malware for Linux, but because it's such an unpopular OS, there's just a lot less reason to create it - even more so for BSD. Security by obscurity isn't pretty, but it often does work.
Hi... Thanks for your precious information. Anyway, how can I access "Detection Evolution" by clicking "Security vendor's analysis" like the moment at 0.16 (google chrome here) . I'm asking because, although I can see "Security vendors' analysis" above detection list, for me it is not clickable and has no arrow pointing down, so I can not view it, even if I'm signed in . Also tried with MS Edge with no success . Lots of thanks in advance,
security software could check a generated reliable unique sha of some sort along with software name, company, etc, then see if there's any scans at all, and if there are no scans or it differs from an upload from an official source, or if it is too new, upload and flag for extensive security tests. At least users would be capable of getting a warning about that the file in question is potentially dangerous because it is so new and there's no recent scans for the file. I assume checking for expected methods of avoidance could be used too.
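The check proposed in the comment above, sketched as an added example (not code from the thread or from any AV product): hash the file, compare it with the publisher's hash, and warn when the hash has no scan history or was first seen too recently. The `Reputation` record, the in-memory `DB` lookup and the 30-day threshold are assumptions standing in for a real reputation service; all sample data is constructed.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Reputation:
    """What a (hypothetical) reputation service knows about one hash."""
    first_seen: datetime  # when this hash was first submitted anywhere
    scan_count: int       # how many times it has been scanned
    detections: int       # engines flagging it on the latest scan


def sha256_of(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_download(
    data: bytes,
    official_digest: Optional[str],
    db: Dict[str, Reputation],
    now: datetime,
    min_age: timedelta = timedelta(days=30),  # assumed threshold
) -> Tuple[str, List[str]]:
    """Return (verdict, reasons): 'allow', 'warn_and_submit' or 'block'."""
    digest = sha256_of(data)
    reasons: List[str] = []
    flagged = False

    # 1. Does the file match what the publisher says it shipped?
    if official_digest is not None and digest != official_digest.lower():
        reasons.append("hash differs from the publisher's published hash")

    # 2. Has anyone scanned this exact file before, and how long ago?
    rep = db.get(digest)
    if rep is None or rep.scan_count == 0:
        reasons.append("no previous scans exist for this hash")
    else:
        if rep.detections > 0:
            flagged = True
            reasons.append(f"{rep.detections} engine(s) flag this hash")
        age = now - rep.first_seen
        if age < min_age:
            reasons.append(f"first seen only {age.days} day(s) ago")

    if flagged:
        return "block", reasons
    if reasons:
        # Unknown or too new: warn the user and queue for deeper analysis.
        return "warn_and_submit", reasons
    return "allow", reasons


# --- constructed sample data -------------------------------------------
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
OFFICIAL_BYTES = b"constructed installer v1.0"
TAMPERED_BYTES = b"constructed installer v1.0 + extra payload"
OFFICIAL_DIGEST = sha256_of(OFFICIAL_BYTES)
DB = {
    OFFICIAL_DIGEST: Reputation(
        first_seen=datetime(2024, 1, 1, tzinfo=timezone.utc),
        scan_count=12,
        detections=0,
    ),
}

if __name__ == "__main__":
    for label, blob in (("official", OFFICIAL_BYTES), ("tampered", TAMPERED_BYTES)):
        verdict, why = check_download(blob, OFFICIAL_DIGEST, DB, NOW)
        print(f"{label}: {verdict} {why}")
```

A clean result here only means the hash is known and old; it says nothing about behaviour at run time.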
I've got maybe a stupid question: recently I wanted to check RAM timing, so I looked to download programs to do it like zentiming or typhoon burner and noticed all of them got 1 report on VirusTotal. Is there a possibility of a false positive??
Hello, I watch movies and anime shows on my computer "for a not pirated sources". I want to know, can I get any viruses or those types of things from mp4 or mov files?
This is why system hardening helps. AVs are just one component of what you need to be doing. One of the biggest things though is ensuring you're not browsing shady websites and downloading weird things.
this is especially true for home users, who I guess are 99% of people here. The most secure and also less expensive way is to make the system armored. This armoring includes firewall, security suites or a set of utilities for protections, which should be utilities like AV, HIPS, cloud protection, privilege based restrictions, and should for most users include additional features like filtering of content and malware blocking, either as a separate utility, or included in some package like uBO, or sometimes provided by secure DNS companies. Using them all together (and actually even more) is a good way to go
When I was on a metered download limit I used to save all downloads on a hard drive. MONTHS TO YEARS LATER some of the downloaded files would be flagged as UNSAFE
He did, guess people didn't listen. You need a good AV with behavior detection. Not one that relies mainly on signature detection. He doesn't recommend specific AV products, doesn't want the conflict of interest or even the appearance of it. But he has numerous videos testing all the big names out there.
@@MTGeomancer we listen, and in the list you can see that, except one, none of them detect anything. I'm just asking him if there's any solution or way rather than fully depending on scan :(
VirusTotal only tells you if it is detected by signature. It does not show if something would be detected by behavior. Relying on signatures is not a good idea because it is easy to hide from it. That was the point of the video. He has numerous other videos where he tests all the big names, and has done them against new samples. They show that some get past signature detection and start to execute, but then their behavior is recognized, the process gets killed and reversed by the AV.
@@RtwelveK you can’t possibly detect for new malware using signature based scans when it is first launched, when it is obfuscated again in a different manner or when it is recompiled. As MTGeomancer says, the solution is not to use a product that only relies on signature based detection. Again, the PC Security channel has reviewed lots of products that have very good behavioural detection capabilities. They may fail to detect the new malware but they will still stop it in its tracks when the malware tries something it shouldn’t and very importantly, tell you about it so you can decide whether you need to do something more.
If I see something with less than 10 detections, I may assume it’s a false positive, so that doesn’t necessarily tell someone the software is dangerous.
That's why you use defender ui to enable ASR on defender, or enable it from intune/group policy. And then you can enable the "Block executable files from running unless they meet a prevalence, age, or trusted list criterion" rule.
I've been using Windows since 1993, and the last time I had an actual virus on my computer was in 1997. I've NEVER been hacked. I'm online every day for several hours. So I'm getting pretty skeptical about hackers trying to hack into people's personal computers at home. I think the vast majority of hacking efforts are against businesses. Maybe people using a laptop computer in the airport or a hotel are also at risk. Right now I have a mainstream AV program installed, but it has never detected any virus or malware on my computer. So I'm skeptical about TH-cam articles like this one that tell you your current AV program is not good enough. I'll change my mind if I ever get hacked, but that's a pretty big "if".
It depends on your behaviour online, but I think you're right that it's often targeting businesses, though that doesn't mean it's always like that. Malvertisement is a thing. That's targeted against anyone foolish enough to click an ad that looks fully legitimate. There was a time when downloading OBS was dangerous because the first Google result was an ad that led to a malicious site. If you got OBS from there, you would get malware. If you haven't gotten infected I guess you aren't prone to falling for these things, so please continue doing what you're doing. Just saying anyone can be a target, though you're probably right in that businesses are targeted more.
you know there are many people around who sip a coffee, fill in the excel tables and play minesweeper. Some of them may proudly say that they use PCs since 1893 and still had no issue. The question is: who cares
@@Alan-rt3se oh you know I didn't make any advice to you, but since you started go into this direction, here is my wish list for you to do: don't just get older, become more competent, nice and pleasant person as well )
I often download mods for games as DLL files, i always test them on virus total and check the behavior tab. Often the detection tab can be wrong because some vendors would treat a lack of reputation as a red flag, and very new files have no reputation. But I can't take the risk so being able to use the virtual boxes in virus total is really cool to try and check things myself.
that's probably one of the most futile things to do. If you don't upload all the files, uploading simply one of the libraries makes close to no sense. Anything that is not signed by a good trustworthy author or company, and/or closely and routinely monitored by a company or a community, is not worth the risk of installing on your main PC. If you have something precious there, of course. If it's purely a game PC and the most precious things there are game saves, it might be not a big risk )
So in short: back up back up back up and use different accounts for different activities, password protected and encrypted. Restart the machine between switching accounts to cut the link between them if one was affected. And back up again. Like you hopefully exercise hygiene between toilet and kitchen, exercise hygiene for computing and online behaviour.
@@AlfonsoMart depending on how you set up UAC. I must click yes even in my admin account when I want to install anything, that after I checked it on virustotal in a sandbox. And still I count with an option to get infected. And for that reason I am transitioning all my machines to Linux and Windoze will run from USB only for the stuff I cannot do on Linux. And on that Windoze I have the main antivirus running and a second opinion from another antimalware, updated and ran manually whenever I remember. And that stuff keeps reminding me to upgrade, so I don't let it go for long without action. So far just tracking cookies detected.
@@Capt-Intrepid I suppose you are educated in the matter. Come and tell us when it happens to you. There was a fake copy of Google authenticator, featured here, as well. How are lay people supposed to know? There was a trojan in MS appstore, presenting itself as Zip-7 or something of this sort. How are average folks supposed to know without running diagnostics they don't know exist, who are not computer savvy? And then there are zero-day exploits popping up every now and then. Someone will be first to find out, many going infected for some time without noticing. It's a jungle.
You make it seem like getting with a day zero virus is common... if you were the victim of that you were either targeted or super unlucky - day 0 viruses aren't wasted on the everyday person (until basically its worth has been used up and about to be listed / patched).
These are not zero day exploits in the sense of a windows or other software vulnerability. This is just garden variety malware in a new package that doesn't get hit by signature detection (but would get hit by behavior detection).
y'all need to stop with this 0day bs. you don't need 0 days to write a malware that will encrypt your files with an AV/EDR running. It just takes a smart coder and years of experience. Behavioral detection is possible to turn off or bypass too. Encrypting files, after you initialize the encryption, is just using windows api for opening and writing to files. Something you do on daily basis on your computer. Just gotta be careful because some files are decoy files left by EDRs - if you touch it you're caught. I've bypassed them too, though. Anyway you need hundreds of rules and months of analyzing user and network behavior to be safer - then EDR/XDR are superior to AV.
I tend to agree with everyone who's talking that it's not a zero day. Windows has so many weak unpatched points, that there is no need to employ some new vulnerabilities. As being said, all you need is just to run with your admin permission (or even without, depending on your UAC and other settings) some shady origin software, and that's it. Since zero trust or any kind of app store is still in a developing stage for windows platform, the only way for you to be saved using standard utils is your AV. If malware was specially tailored, it may be unnoticed by AV, or noticed when it's too late
Eh the things I do on my PC are a hassle or in the case of some games I play impossible to do on Linux and Mac is just overpriced. Besides the only way I'd see myself get hacked is if something at work or uni got compromised. In like 13 years of using computers I've never gotten hacked... I'm just very careful and keep my software updated. Any time I download something I double and triple check that I got it from the right place and if something is even remotely dodgy I try it on a VM (with some tools) first (rare and takes less effort than switching to Linux)
Could we create viruses on a well-written OS like the AmigaDos of 1985, for example? PS: More than 40 years of racketeering to mystify a sect of gullible people, that's a long time.
Hii I just bought a used computer, from a random guy, who helped me set it up, and everything in my apartment. But suddenly after 1-2 weeks, it started to crash many times with a blue screen telling “some thing could not be proceded”. The guy suddenly stopped answering my messages, I was out of hope, and then chose to reset my pc to factory new, and now I am afraid if I am hacked. What should I do?
The main reason Windows has so many malware issues is its popularity. As soon as the masses change to another OS like Linux or Mac OS, that version will become the target and then become the same, and in some cases worse. For example, Linux does not auto-update natively. Just like the earlier versions of Windows XP, it would quickly become a nightmare as the average person would refuse to update their system out of ignorance or laziness. Aside from one main problem with Windows, mainly the insistence on backward compatibility, it is a secure OS due partly to the automatic and constant updates. Good cyber hygiene is the most important thing a person can do; for example, do not click on links in unsolicited emails/texts. Verify the URLs of websites before entering your information, and of course, do not open passworded files from strangers, to name a few.
Meanwhile my own harmless app gets flagged as malware
I'm going to do a wild guess and say your app doesn't have a Code Signing Certificate
Our game builds also do be like that
Malwarebytes was like that for me, eventually I just unsubscribed and went back to windows. A lot less false positives here
@@tigerthenoob And a lot more false negatives!
Pyinstaller moment.
One more thing that could've been mentioned is that if you're creating malware, the one AV you probably want to be able to avoid is Windows Defender considering the majority of people use it. It's why I'd be a little hesitant on saying "Windows Defender is good enough!" that I see mentioned so often.
that means that hundreds of millions people have an opportunity to send some shady data to the cloud analysis and help to identify and flag them as a threat
So what's the best av
@@AlfonsoMart Linux 😂😂😂
@@ТоварищКамрадовСоциалистКоммун that sounds like a cannon fodder... lambs sent to the slaughter, for the advantage of those who come after.
@@D.von.N the first person doesn't have to be infected. If that person has properly configured (like with DefenderUI) M$ defender, the chances that cloud analysis would be fast enough to flag the suspicious file, might be pretty good
Windows Defender detecting something hasn't always stopped it in my experience. Maybe I'm just unlucky or maybe Windows Defender was just fucked last time I used Windows.
WHAT
I've not seen it being good in any of Leo's videos tbh. I wish it was better cause I'm struggling to find a good firewall
for Win? @@SchinTeth
@@Night-Rider101 f u mean what
you're probably using your PC somehow wrong )
just stop doing it )
2 SchinTeth, have you tried Simplewall, Safing Portmaster, or some Security Packs like those from Kaspersky, ESET, SOPHOS? they usually include a decent firewall to the pack
You did an excellent job of describing the problem, but some hint toward a solution would have been nice. I know recommending specific AV companies is probably not what you want to do, but do we even need those outside AV companies, or is Windows protection good enough, I don't know. I am left with many more questions after this vid than answers. Thanks, and keep up the great work 🙂
I don't really know about antivirus vendors. I personally use Kaspersky because I had a problem with windows defender once and it didn't catch the virus but Kaspersky did. But as far as safety practices go just don't click on shady links, get an adblocker, don't fall for phishing emails and only download torrents from verified sources. I'm no expert in the field but have only gotten a virus once and it was because of an ad while my adblocker was slacking and not doing its job properly.
VirusTotal is only showing who is detecting it by signature, meaning it is detected before execution. Good AV has behavioral detection, meaning once the malware is actually running (because its signature wasn't detected) it recognizes the pattern of behavior and then blocks it.
Windows Defender is not very good at the behavior detection. It can be better, but you need Windows Pro so that you can set windows policies, but then it also makes defender more annoying.
The top performers are usually Bitdefender and Kaspersky, although if you're in the US Kaspersky is not a good choice as they've been banned so wouldn't get any software updates.
If you're running a business. Defender 365 is excellent. It does better than most. You just need to configure it correctly. You also need to use all the features such as Exploit Protection, Controlled Folder Access, and WDAC or AppLocker.
As the poster below says, Kaspersky, or BitDefender if you're in the US.
This is why ad blockers are more important than antivirus software ❤(assuming you didn’t download a fake ad blocker😂)
- uBlock origin combined with AdGuard
- popup blocker (strict)
- AAK (Anti Adblock Killer) tampermonkey script
- Firefox browser
Works for avoiding stupid fake download button ads
uBO and AdG ?
isn't this an overkill?
@@ТоварищКамрадовСоциалистКоммун It's better to have an overkill in this case just for you to be relatively safe
yes, adblocker will stop you from downloading games from torrent.
you might be right that overkill is better than nothing, but I would rather make a different list, which includes "noscript", some good firewall, some secure DNS with an additional stop list (in many cases you can choose what exactly you want to avoid, MW, adult content, sometimes even social networks WHICH IS GREAT)
Thank you for the video. Btw, What happened to "Best Antivirus/EDR vs Unknown Ransomware part 2" video ?
Good question
😊
It’s like the Matrix, what you see isn’t the real threat, it’s what’s lurking beneath the surface.
4:25 to 4:30 For those who are photo-sensitive, you might want to either look away or skip to 4:30. This video fails WCAG 2.3.1 Three-Flash Threshold, Level A.
The PC Security Channel should have its own branded antivirus. We would all get it. 🥰
Developing that kind of software takes a lot of work, and you would need a team developing and maintaining it. Virus Total has an app of their own which you can run.
It'd probably be Kaspersky.
is there any example of turning any YT star into a strong IT or any other kind of professional business?
I know only Rob Braxman, but it's rather a small business than full scale IT company
that would take a lot of time to make and employ some IT engineer to make such a good AV
Our company spent 5 years working alongside Solarwinds to develop our own antivirus, Quickwatch. This is not an easy thing to do.
Just the other day I had someone open a zip file and try to run what was inside. Windows defender seemed to get it. But the company firewall was blowing up. Had the pc trashed. Not worth the headache.
Hi! I am not sure I understand. I am not a native speaker. In the end, which one of the programs was good?
wtf you mean you trashed a whole pc you amateur
Defender did its job
Why didn't you just reload windows with a clean install?
Currently wiping my entire windows disk because i got whacked with something like this. No more windows on bare metal for me ever again. Tired of this crap.
If this is happening to you frequently, or even more than once ... maybe the problem is your behavior. Sorry, not trying to be mean or anything, just saying that is absolutely not the normal experience for people.
What do u mean by bare metal
If a new file like a 0Day one passes detection when scanned but there is still a doubt in your mind act on your gut feeling. You can always come back to the file in a month or so and rescan, which by then security scanners should detect it if it is indeed malware.
I keep my tax papers and stuff on a separate air-gap PC. It's a pain to have to use removable drives to transfer files, but I know that they will not be sent out over the internet. It is getting harder to do though.
don't be so sure. i'm currently writing malware targeting removable drives. It even starts its execution out of a removable drive.
@@lumikarhu yes, but that requires a USB controller that can be updated. And Linux does not have the auto-run issues windows has. And it's hard for malware to transfer GB of data a little at a time. yes it is possible, but I don't think I am that much of a target.
@LaserFur, we've locked off USB, external drives, and Auto Runs.
@@Schnitzer325ci that reminds me. back in the 90's I had access to really accurate current measuring equipment at the power substation. As a joke we were able to send a few bits of data per day by flashing the CRT white and back at a set frequency.
I love this channel. I have already learned so much just from the 5-6 videos i've watched so far. Thank you 🤟
Great vid Leo, informative as always!
Great job and effort, Can you please make a video on How to discriminate between Real Malware and False-positive detection or even a Generic detection! Thx again ♥️🙏
This is why you need to be able to analyze the details extracted from virus total like IPs and domains and see if those are flagged.…
Plus the attackers update the stub every time it gets detected to make it FUD again; every 2-3 days they obfuscate it anew
How can we really know who offers the best anti-virus protection?
it's very individual because nobody but you could possibly know what is the best for you.
My conclusion over decades of experience starting with Win3.1 is that an advanced user needs no or almost no AV for their home PC. The only utility you need is some analogue to AppArmor; for the Windows platform the best seem to be different HIPS utilities, which you can find in any good enough security package. AV will be included just for your better protection in these packages )
If you aren't sure how to get an example of a security pack having these HIPS utilities, ask your search engine "Host Intrusion Prevention", then scroll down after OSSEC and other corporate or network security utilities, and get to the personal/private segment.
In my case these were the first:
ESET
McAfee (I didn't know but they may have something like this lol)
Kaspersky
Microsoft (haha)
Sophos
Trendmicro
Xcitium/Comodo
and might be some more if you look deep enough )
You can't. All you hear/read are people's own opinions, not facts.
there is no beast Av .. we are the av . knowledge of not clicking links. download cracks for software/games
locks only keep honest folk out . what is the best lock to have on my front door?
adblocker will save some headache whilst searching the web
these criminal masterminds know the tricks.
back in 2010's it was a massive amount of videos on YouTube for cracks for this software, keygens for games,
99% were just there as a platform to see who is desperate enough to get their hands on cheats for Minecraft. hacks for csgo
games . free games seemed to always get my dad.
education is so valuable.
the power we have at our finger tips. but not knowing how to use that power makes us vulnerable
nowadays like this video
the criminals are using google ads, duplicating trusted software. because some of are none the wiser that there is a dodgy authenticator...
strong passwords can only do so much . 2fa .and recovery emails. security keys are needed...
i absolutely hate passwords. the amount of accounts i have on different sites. all needing 15 char pwords . you chose a password vault .
if all it takes is to run a exe and bam your browser credentials are stolen ..
and every single account on every single site is in the criminals hands
but they dont care for old mc accs. they want bank, paypal, youtube, fb, X , where they can spread more.
stay safe out there
virustotal because its every anti virus combined
I remember watching a video on how Defender works (according to MS, so I'm sure they made it sound a bit more impressive than it really is). Basically, iirc, Defender will send files to the cloud to analyze them. The first user who is a victim will not be protected, but then the cloud service analyzes the file, determines it to be malicious and now Defender will protect against it... But that of course means that users are vulnerable before it's determined the file is malicious. No analysis is 100%, though, and I won't pretend to know how effective it really is. I'm sure some malware may slip through undetected.
Forgot if it was files in general, only executables or if it was email attachments that works like this.
did you double check if pulsway is headquartered anywhere outside of US? Or who its CEO or officers are? I'm curious. With Kaspersky gone, we need to be careful with ALL downloads.
See in 2022 I got redline stealer. Then removed it and reset my device and changed passwords and enabled 2fa but 2 months after it's almost like the session hijacked me and they also changed my password for some of them and it shows they changed my gmail password on my iPhone which was impossible but then every email I made after the infection never had any of this happen.
First time viewer of this channel, only thing I could say is; the presentation is great. Could be better though, you make reference to people doing their own detection twice. Could be helpful to maybe mention a few easy techniques eg…. task manager
Hey, im pretty new to this channel. Did you do a video on what you personally use to check files, what virtual machines do you use or i guess what you would use on a day to day basis to do random stuff and downloading ? I feel like i'm something getting a bit paranoid when it comes to antiviruses, passwords managers, where to save files etc
💡that was insightful and awesome🔥
so what are the best options to avoid them? aside from "know what you are doing" type of recommendations
Physical firewall?
LINUX with hardening?
BSD?
and how is BSD secure in comparison? it's a unix like just like Mac OS so do they get affected by same malwares?
thanks for your wonderful videos 🙏🏻
For most typical users, it's sufficient to just do 2 things: (a) block all ads, everywhere, and (b) don't click links or attachments in emails. There is malware for Linux, but because it's such an unpopular OS, there's just a lot less reason to create it - even more so for BSD. Security by obscurity isn't pretty, but it often does work.
Hi...
Thanks for your precious information.
Anyway, how can I access "Detection Evolution" by clicking "Security vendor's analysis" like the moment at 0.16 (google chrome here) .
I'm asking because, although I can see "Security vendors' analysis" above detection list, for me it is not clickable and has no arrow pointing down, so I can not view it, even if I'm signed in .
Also tried with MS Edge with no success .
Lots of thanks in advance,
Awesome video! Thanks for posting!!!
security software could check a generated reliable unique sha of some sort along with software name, company, etc, then see if there's any scans at all, and if there are no scans or it differs from an upload from an official source, or if it is too new, upload and flag for extensive security tests. At least users would be capable of getting a warning about that the file in question is potentially dangerous because it is so new and there's no recent scans for the file. I assume checking for expected methods of avoidance could be used too.
it's called digital signature validation
Do you have a video on Sandboxie?
i got maybe a stupid question: recently i wanted to check ram timing, so looked to download programs to do it like zentiming or typhoon burner and noticed all of them got 1 report on VirusTotal. is there a possibility of false-positive ??
Why download a program for that in the first place? It will tell you in task manager -> performance -> memory
A while ago all rust compiled binaries on windows were being flagged as malware. I had to report them as false positives.
If u have a firewall that autoblocks all software connections to the Internet. Would a virus be able to get thru it?
Meanwhile, my harmless .exe file compiled with C++ gets deleted by Windows Defender
hallo
i watch movies and anime shows on my computer "from not pirated sources", want to know can I get any viruses or those types of things from mp4 or mov files
This is why system hardening helps. AVs are just one component of what you need to be doing. One of the biggest things though is ensuring you're not browsing shady websites and downloading weird things.
this is especially true for home users, who I guess are 99% of people here. The most secure and also less expensive way is to make the system armored. This armoring includes firewall, security suites or a set of utilities for protection, which should be utilities like AV, HIPS, cloud protection, privilege based restrictions, and should for most users include additional features like filtering of content and malware blocking, either as a separate utility, or included in some package like uBO, or sometimes provided by secure DNS companies.
Using them all together (and actually even more) is a good way to go
Can you make a video about antivirus software for and malware on mobile devices?
when i was on metered download limit i used to save all downloads on a hard drive. MONTHS TO YEARS LATER some of the downloaded files would be flagged as UNSAFE
Awesome Thank you for Sharing 💯✴
The problem with malware today is they use ram and .exe programs that are flagged “okay” to windows.
Best AV in the world is Kaspersky.
Not ordinary malware..? Made specifically for certain people only? Then the solution isn't ordinary either. Is that right?
Do you have a video on how a malicious website steals login data without the user downloading a file?
I keep getting phishing emails, I don't open emails anymore
And what if it's just a site?
Site also doesn't use cookies at all for some reason.
Can you please see if Roblox celex executor is malware
What's the solution 😢, it's better you give solution as well:(
It's simple. keep away from suspicious links and files as far as you can. Bitdefender/kaspersky/malwarebytes also have good 0-day protection
He did, guess people didn't listen. You need a good AV with behavior detection. Not one that relies mainly on signature detection.
He doesn't recommend specific AV products, doesn't want the conflict of interest or even the appearance of it. But he has numerous videos testing all the big names out there.
@@MTGeomancer we listen, and in the list you can see except one, none of them detect anything. I'm just asking him if there's any solution or way rather than fully depending on scan :(
VirusTotal only tells you if it is detected by signature. It does not show if something would be detected by behavior. Relying on signatures is not a good idea because it is easy to hide from it. That was the point of the video.
He has numerous other videos where he tests all the big names, and has done them against new samples. They show that some get past signature detection and start to execute, but then their behavior is recognized, the process gets killed and reversed by the AV.
@@RtwelveK you can’t possibly detect for new malware using signature based scans when it is first launched, when it is obfuscated again in a different manner or when it is recompiled. As MTGeomancer says, the solution is not to use a product that only relies on signature based detection. Again, the PC Security channel has reviewed lots of products that have very good behavioural detection capabilities. They may fail to detect the new malware but they will still stop it in its tracks when the malware tries something it shouldn’t and very importantly, tell you about it so you can decide whether you need to do something more.
Sir, does Kaspersky standard that I use have this capability
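The signature-versus-behaviour point made in the comments above, as an added example that is not part of the thread and not any AV product's logic: a hash-only check misses a re-obfuscated build, while a runtime rule on what the process does still catches it. The sample bytes, process names, event format and the rule itself are constructed assumptions.

```python
import hashlib

# Constructed stand-ins for two builds of one program: same behaviour, different
# bytes, as after the re-obfuscation or recompilation the comments describe.
BUILD_A = b"constructed-sample/build-A"
BUILD_B = b"constructed-sample/build-B"

# The signature database only knows the build that was already reported.
KNOWN_BAD_SHA256 = {hashlib.sha256(BUILD_A).hexdigest()}

BROWSERS = {"browser.exe"}                     # hypothetical allow-list
CREDENTIAL_STORE = "browser_credential_store"  # hypothetical target label


def signature_verdict(file_bytes):
    """Pre-execution check: exact hash match against known-bad samples."""
    return hashlib.sha256(file_bytes).hexdigest() in KNOWN_BAD_SHA256


def behaviour_verdict(events, window=5):
    """Runtime check: return the name of a non-browser process that reads the
    browser credential store and then opens a network connection within
    `window` events, or None if no process does."""
    last_read = {}  # process name -> index of its latest credential-store read
    for index, event in enumerate(events):
        process = event["process"]
        if process in BROWSERS:
            continue  # the browser reading its own store is expected
        if event["action"] == "read" and event["target"] == CREDENTIAL_STORE:
            last_read[process] = index
        elif event["action"] == "connect" and process in last_read:
            if index - last_read[process] <= window:
                return process
    return None


def scan(file_bytes, events):
    """Signature check first; if the file is unknown, judge it by behaviour."""
    if signature_verdict(file_bytes):
        return "blocked before execution"
    offender = behaviour_verdict(events)
    if offender is not None:
        return "killed at runtime: " + offender
    return "allowed"


def stealer_like_trace(process):
    """Constructed event trace; the addresses are documentation ranges."""
    return [
        {"process": "browser.exe", "action": "read", "target": CREDENTIAL_STORE},
        {"process": process, "action": "read", "target": CREDENTIAL_STORE},
        {"process": "browser.exe", "action": "connect", "target": "198.51.100.7:443"},
        {"process": process, "action": "connect", "target": "203.0.113.10:443"},
    ]


# Constructed trace of an ordinary program that never touches the store.
BENIGN_TRACE = [
    {"process": "editor.exe", "action": "read", "target": "document.txt"},
    {"process": "editor.exe", "action": "connect", "target": "198.51.100.7:443"},
]

if __name__ == "__main__":
    print(scan(BUILD_A, stealer_like_trace("build_a.exe")))
    print(scan(BUILD_B, stealer_like_trace("build_b.exe")))
    print(scan(b"constructed-benign-editor", BENIGN_TRACE))
```

A multi-engine scan of the file alone corresponds only to `signature_verdict`; the second verdict needs the program to be observed while running.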
If I see something with less than 10 detections, I may assume it’s a false positive, so that doesn’t necessarily tell someone the software is dangerous.
Failing open is not a good security practice.
Less than 10 already sounds alarming, for me if I already see 4 hits and they aren't "hacktool" or "ai" then that's already a big red flag
My pc doesn't show any viruses on offline scan
Can you test the Anti VIrus Comodo again with the latest Version
do they even exist now? weren't they rebranded into Xcitium
@@ТоварищКамрадовСоциалистКоммун Nope still using Comodo normally without a new website
That's why you use defender ui to enable ASR on defender, or enable it from intune/group policy. And then you can enable the "Block executable files from running unless they meet a prevalence, age, or trusted list criterion" rule.
yes, tuning M$ Defender makes even this mediocre in public opinion security suite into powerful enough Host Based Intrusion Protection utility
though using a separate firewall and HIPS utility is preferable
Thx a lot!
Nice but horrific insights.
DeerStealer
Life is not Shikanoko nokonoko koshitantan
can u review EVORIM Excellent Software firewall
I'M LUCKY THAT I NEVER GOT EVILWARE SO FAR
Excellent video
This just makes me wear an aluminum hat even more 😅
While Avast thinking on new ideas on how to fool people to install its spyware and not get caught while doing so the third time in a row. LoL
I've been using Windows since 1993, and the last time I had an actual virus on my computer was in 1997. I've NEVER been hacked. I'm online every day for several hours. So I'm getting pretty skeptical about hackers trying to hack into people's personal computers at home. I think the vast majority of hacking efforts are against businesses. Maybe people using a laptop computer in the airport or a hotel are also at risk. Right now I have a mainstream AV program installed, but it has never detected any virus or malware on my computer. So I'm skeptical about YouTube articles like this one that tell you your current AV program is not good enough. I'll change my mind if I ever get hacked, but that's a pretty big "if".
It depends on your behaviour online, but I think you're right that it's often targeting businesses, though that doesn't mean it's always like that. Malvertisment is a thing. That's targeted against anyone foolish enough to click an ad that looks fully legitimate. There was a time when downloading OBS was dangerous because the first Google result was an ad that led to a malicious site. If you got OBS from there, you would get malware. If you haven't gotten infected I guess you aren't prone to falling for these things, so please continue doing what you're doing. Just saying anyone can be a target, though you're probably right in that businesses are targeted more.
you know there are many people around who sip a coffee, fill in the excel tables and play minesweeper. Some of them may proudly say that they use PCs since 1893 and still had no issue. The question is: who cares
@@ТоварищКамрадовСоциалистКоммун Apparently you do, since you replied. Get a life.
@@Alan-rt3se oh you know I didn't make any advice to you, but since you started go into this direction, here is my wish list for you to do:
don't just get older, become more competent, nice and pleasant person as well )
and just to make things clear, I didn't point into anyone. If you have read my description and found that you perfectly fit it, is it my fault?
I often download mods for games as DLL files, i always test them on virus total and check the behavior tab. Often the detection tab can be wrong because some vendors would treat a lack of reputation as a red flag, and very new files have no reputation. But I can't take the risk so being able to use the virtual boxes in virus total is really cool to try and check things myself.
that's probably one of the most futile thing to do. If you don't upload all the files, uploading simply one of the library makes close to no sense.
Anything that is not signed by a good trustworthy author or company, and/or closely and routinely monitored by a company or a community, not worth the risk of installing on your main PC. If you have something precious there, of course. If it's purely a game PC and the most precious things there are game saves, it might be not a big risk )
So in short: back up back up back up and use different accounts for different activities, password protected and encrypted. Restart the machine between switching accounts to cut the link between them if one was affected. And back up again. Like you hopefully exercise hygiene between toilet and kitchen, exercise hygiene for computing and online behaviour.
So viruses dont spread thru user accounts on w 11?
@@AlfonsoMart depending on how you set up UAC. I must click yes even in my admin account when I want to install anything, that after I checked it on virustotal in a sandbox. And still I count with an option to get infected. And for that reason I am transitioning all my machines to Linux and Windoze will run from USB only for the stuff I cannot do on Linux. And on that Windoze I have the main antivirus running and a second opinion from another antimalware, updated and ran manually whenever I remember. And that stuff keeps reminding me to upgrade, so I don't let it go for long without action. So far just tracking cookies detected.
@@D.von.N sounds like a good job )
No. That's ridiculous. So in short, don't execute malware by being educated.
@@Capt-Intrepid I suppose you are educated in the matter. Come and tell us when it happens to you. There was a fake copy of Google Authenticator, featured here, as well. How are lay people supposed to know? There was a trojan in MS appstore, presenting itself as Zip-7 or something of this sort. How are average folks supposed to know without running diagnostics they don't know exist, who are not computer savvy? And then there are zero-day exploits popping up every now and then. Someone will be first to find out, many going infected for some time without noticing. It's a jungle.
You make it seem like getting with a day zero virus is common... if you were the victim of that you were either targeted or super unlucky - day 0 viruses aren't wasted on the everyday person (until basically its worth has been used up and about to be listed / patched).
These are not zero day exploits in the sense of a windows or other software vulnerability. This is just garden variety malware in a new package that doesn't get hit by signature detection (but would get hit by behavior detection).
ya'll need to stop with this 0day bs. you don't need 0 days to write a malware that will encrypt your files with an AV/EDR running. It just takes a smart coder and years of experience. Behavioral detection is possible to turn off or bypass too. Encrypting files, after you initialize the encryption, is just using windows api for opening and writing to files. Something you do on daily basis on your computer. Just gotta be careful because some files are decoy files left by EDRs - if you touch it you're caught. I've bypassed them too, though. Anyway you need hundreds of rules and months of analyzing user and network behavior to be safer - then EDR/XDR are superior to AV.
@lumikarhu the point --- your head ___
I tend to agree with everyone who's talking that it's not a zero day. Windows has so many weak unpatched points, that there is no need to employ some new vulnerabilities. As being said, all you need is just to run with your admin permission (or even without, depending on your UAC and other settings) some shady origin software, and that's it.
Since zero trust or any kind of app store is still in a developing stage for windows platform, the only way for you to be saved using standard utils is your AV. If malware was specially tailored, it may be unnoticed by AV, or noticed when it's too late
Step 1 - stop using windows.
Step 2 - there is no profit because we make our code FOSS.
Step 3 - go out of business because you can´t find enough workers being able to utilize your new FOSS workflow efficiently.
Eh the things I do on my PC are a hassle or in the case of some games I play impossible to do on Linux and Mac is just overpriced. Besides the only way I'd see myself get hacked is if something at work or uni got compromised. In like 13 years of using computers I've never gotten hacked... I'm just very careful and keep my software updated. Any time I download something I double and triple check that I got it from the right place and if something is even remotely dodgy I try it on a VM (with some tools) first (rare and takes less effort than switching to Linux)
use dropper or fud crypher
Another good reason for procrastination.
Much appreciated..
we here
Thank you
Could we create viruses on a well-written OS like the AmigaDos of 1985, for example?
PS: More than 40 years of racketeering to mystify a sect of gullible people, that's a long time.
this is a security channel, not a hckr board
@@ТоварищКамрадовСоциалистКоммун Sckr board for believers. ;)
PS : Open the door HAL, i need to go shopping.
great vid nice point
what free antivirus do you recommend me to use?
None, they are all shit
Hii
I just bought a used computer, from a random guy, who helped me set it up, and everything in my apartment. But suddenly after 1-2 weeks, it start to crash many times with a blue screen telling “some thing could not be proceded” the guy suddenly stopped answering my messages, I was out of hope, and then choose to reset my pc to factory new, and now i am afraid if i am hacked, what should i do?
Get off the internet gramps
how many bots are in the comments already lol 😭😭
pls do not hak mi
people forget / don't know about zero day attacks
Like you? Because you don't need a zero day attack for malware
thx
How do you tell a file has a false positive? Say only 1 detection.
Give it time. It isn't oxygen.
I expect that the incorporation of AI and ML techniques by AV software will enable faster detection of emergent malware.
probably the least useful video on the topic...10.00 minutes of repeating the same thing, over and over again. just 20 secs vid
Repetition is a great teacher
why not use chatgpt to scan each file scan, no matter how its written it should know what is malware or not.
Are you braindamaged
What?
@@andrewortiz8044 why not use chatgpt to scan each file scan, no matter how its written it should know what is malware or not.
hello,i am albanian virus 😂
lol :D
early
noobs always scared
legends disable Patchguard & DSE
No photosensitivity warning seriously?!?!
DON'T USE WINDOWS! it's that simple.
The main reason Windows has so many malware issues is its popularity. As soon as the masses change to another OS like Linux or Mac OS, that version will become the target and then become the same, and in some cases worse. For example, Linux does not auto-update natively. Just like the earlier versions of Windows XP, it would quickly become a nightmare as the average person would refuse to update their system out of ignorance or laziness. Aside from one main problem with Windows, mainly the insistence on backward compatibility, it is a secure OS due partly to the automatic and constant updates. Good cyber hygiene is the most important thing a person can do; for example, do not click on links in unsolicited emails/texts. Verify the URLs of websites before entering your information, and of course, do not open passworded files from strangers, to name a few.
Linux hardware compatibility is also a problem. So get tf of here! There is no security on internet!
@@unclevampy yep! 100% it's just a matter of time.
no, don’t use the internet
plus like they said Linux is rarely used by the mases so if you got a problem and don't really know about informatik you loose. sorry for bad english
Booooooring
6 views in 1 minute, bro fell off
also first comment not counting bots
You mean Martina is a bot? For shame, and her underwear was so alluring. I could not wait to hear more about her and her bot boyfriend.
robot
what is the discord link
It's literally in the description
Thank you