Terminator Malware

Science and technology

Terminator Malware disables CrowdStrike and Sophos, and claims to kill any antivirus, using a maliciously modified Zemana driver in System32.

Comments: 248

  • @ncg8224
    11 months ago

    So shocking that there's groups of people who are highly intelligent, but instead of using that for humanity, they decide to do this.

  • @KeenLaF

    11 months ago

    These people do end up forcing "improvements" typically

  • @moogleking

    11 months ago

    Some people just want to watch the world burn

  • @fbiofusa3986

    11 months ago

    They’re not even highly intelligent. Anyone with an internet connection can learn to write a kernel driver, map it to a vulnerable signed driver, and build a robust root kit. The reason it’s “news” is because most of them are too incompetent to actually do this

  • @iamakash_

    11 months ago

    It may be that society, their school, or their parents failed to give them the proper guidance or should have appreciated them without comparing them to others.

  • @Entropy67

    11 months ago

    It makes beyond a shit ton of money

  • @andyspark5192
    11 months ago

    I remember in old, good days on my WIN98 I had a security program that was blocking every executable file. Only after explicit permission (one time or always) they were executable. Even secondary files sometimes required permission. Well, it made the PC secure but difficult to use.

  • @Dumb_Killjoy

    11 months ago

    That sounds like Vista's UAC

  • @nonlinearsound-001

    11 months ago

    It might not be as accessible as what you describe but MS reactivated the AppLocker feature in Windows again, at least for versions starting with Professional upwards. So you can, if you know which applications should run on your system, set up Local Security Policies that define what application can run and which cannot. Might be a starting point…

  • @MsTatakai

    11 months ago

    Norton was like that... was picky but yeah safer i would say... but if you do the same as that antivirus do, you are the antivirus and its all good

  • @mrrobotvpn5012

    11 months ago

    Was it TeaTimer?

  • @andyspark5192

    11 months ago

    @@mrrobotvpn5012 It was over 15 years ago. I don't remember it anymore.

  • @gordg3
    11 months ago

    Had it on my system. Emsisoft originally flagged the 2 .sys drivers, but after I sent them samples they dropped the malware designation. Subsequent scans with Emsisoft, HMPro, NPE and Kaspersky VRT were all negative. There were no running processes and since I used Zemana portable a few years ago I didn't think much of it until this video. I subsequently scanned it with MBAM and quarantined them. Thanks Leo.

  • @feynstein1004
    11 months ago

    I find it frightening that someone might combine AI with viruses to create intelligent malware that can adapt to changes and exploit people's weaknesses.

  • @ShawnStrickland

    11 months ago

    It's not a might it's when.

  • @feynstein1004

    11 months ago

    @@ShawnStrickland Pretty much 😕

  • @andrzejandrzejski229

    11 months ago

    That's a common misconception that AI exists in the first place. Some might wrongly assume viruses are already doing that when in reality they are only doing what they are told to do. Same for any "AI" up there. True AI does not exist.

  • @jett4603

    11 months ago

    But you could also use AI to detect and prevent exploits; I still believe malware will always be 1 step ahead though

  • @byF4b1

    11 months ago

    @@jett4603 Fun Fact or not so fun. We are never ahead of malware! A firewall only stops something it knows that is a virus. Meaning if a new malware is uploaded to the market your Firewall probably will not be able to detect it until it is too late (like your immune system). However there are bait PCs that record this and give the Info on the malware to big Firewall distributors (IP Fire or smth). (At least that is what I still remember from half a year ago when I had a module on firewalls.)

  • @prairie_court
    11 months ago

    this is absolutely fantastic to know. I'm still learning a lot of what feels like basics in tech safety. and I always feel like I'm learning something new from you :)

  • @gtech66
    11 months ago

    This only works if you disable UAC. Backup offline and often in case of disaster.

  • @cutiepie5884

    11 months ago

    u sure?

  • @neilwilson5785

    11 months ago

    most people are not stupid enough to disable UAC.

  • @iburuma3621

    11 months ago

    @@neilwilson5785 Most people are too stupid to find UAC.

  • @Skiman__

    11 months ago

    I had done this when I thought I knew better, but then after learning a bunch more, I understand it’s better to at least get notified if something is requesting admin privileges. I have it in the lowest setting, so it doesn’t break my workflow, but it’s abrupt enough that I don’t mindlessly accept it.

  • @griffin1366

    11 months ago

    @@neilwilson5785 haha hahhahaha hahaa

  • @DePhoegonIsle
    11 months ago

    Seriously I find it odd that people disable UAC, Smart Screen & then complain when shit goes wrong. Seriously though, there is another example of a company that needs to pay for abusing driver level files & doing so poorly so that it gets used.

  • @mixit247

    11 months ago

    It's easier to fool people than to make them understand they are stupid

  • @user-zezezozodarkdomains

    11 months ago

    The situation we're in right now is far better than what it was. It was the fact that Windows usually got bad rep when it comes to security instead of the oh-so-useless Security Center, then starting from 8 they beefed up by having Windows Defender be the default, and further in 10 they update the thing even adding layers like Smartscreen.

  • @artorias550

    10 months ago

    smart screen pretty much never works. It alerts you about 90% of files because it thinks they are suspicious. So you soon start to allow everything without thinking. Not to mention that this is sending all your files names into cloud. UAC is also annoying because many software and games require admin to work properly so advanced user trying to use basic account would have to enter password 20+ times per day.

  • @user-zezezozodarkdomains

    10 months ago

    @@artorias550 " that this is sending all your files names into cloud" The same as how every executable got digitally signed and certified, and outside of Windows, basically how every app being marked as "safe for public deployment" including and especially mobile apps. UAC is and you're living in 2007-2008, since 2009 very few if any apps require true admin access and those that did has only Yes/No answers, which brings the risk to the users alone.

  • @SunnyWu

    9 months ago

    @@artorias550 I think Windows needs to add some sort of setting for UAC that enables like a 5-10 second delay before you can press yes, on any user so you have to sit there and stare at the prompt to make sure you actually read what you're accepting.

  • @thephoenixking1086
    11 months ago

    I use AV all the time, I have heard many people say that it is a waste of time, but I disagree, The AV may not be perfect but it at least adds some form of protection against Malware. Having a small AV is still going to be better than having none at all. Think of an AV like a Car Seat-Belt, it may not save your life in a car crash but it will for sure help in doing so, and hopefully it will save your life (Hence why you should ALWAYS wear your seat-belt). And as for people who say "use your common sense", everyone can fall for these Malware/Virus attacks, even Linus as you probably know got his channel hijacked proving my point. Common sense is not perfect at all, the best thing you can do is be vigilant and cautious with what you are doing.

  • @Puda

    11 months ago

    It makes sense if you know how security works on a PC ie: you are a security specialist. Otherwise any website can be infected with malware without Google actually mentioning it. It makes no sense to disable your AV if you are a regular user.

  • @thephoenixking1086

    11 months ago

    I would still use an AV on my PC even if I was the most knowledgeable Malware Specialist on the planet, a bit of extra protection is better than none at all. But yeah, I agree with the rest, It is scary that Google themselves are spreading Malware by promoting fake websites (such as the OBS clone that steals your info). You really can't trust anything these days unless you already know what you are doing, this is why when my friends/family ever need help with software, I will do it for them since I know what to look out for.

  • @capulini

    11 months ago

    Linux Defender

  • @RjKumar111GunnerRj

    11 months ago

    diligent is another word you could use, but you are definitely right, it is safe to use antivirus even if you may not need it

  • @mr.chinmayajoshi2688

    11 months ago

    Great comment!

  • @mulct4727
    11 months ago

    For anyone wondering how the driver was abused at all: it was simply a driver that you can consider 'vulnerable'. There are hundreds, maybe thousands of these drivers lying around in the wild, and it is simply due to them having some exposed way to access the driver. This eventually leads to them being able to directly invoke kernel functions from usermode or perform r/w operations as if they were kernel; this is dangerous. This has been used multiple times in what people call 'kernel driver manual mappers' or used in game cheating to bypass usermode restrictions of kernelmode anti-cheats like Easy Anti-Cheat or BattlEye. Microsoft themselves and anti-viruses like Avast have tried themselves to purposely catch these vulnerable drivers being loaded, and they have added MANY vulnerable drivers, just the developer of this malware simply found one that was not blacklisted by AVs yet, and used it. Definitely interesting it being used in malware since I've only seen it be truly used in game cheats.

  • @teslainvestah5003
    11 months ago

    You know what would be even scarier? ...if Terminator created an impostor process with the same name, icon, and memory usage as each antivirus process it terminated, so you couldn't notice their absence from a glance at the task manager. It might be way easier than the previous steps, it would not involve tampering with antivirus files. Although it might involve writing a new application to disk and launching it, which sounds like the hardest thing to get away with if even one thing like windows defender is still functioning. I imagine any new thing the virus does has a risk of detection, so if its goal is anything other than to lie in wait like a keylogger, it should sprint to the goal.

  • @stevebabiak6997

    11 months ago

    Process ID and launch time could still be used to identify that something nefarious happened.

  • @user-zezezozodarkdomains

    11 months ago

    That was as old as XP itself, it was infamous around 2010s as an impostor service control host

  • @DJAlexParker
    11 months ago

    They did what I needed back when sophos was causing me issues and it wouldn't uninstall 🤣

  • @cpuuk
    11 months ago

    Well, if you have admin you can do what you like anyway, so getting the User to run it is going to be their trick for sure.

  • @MaksKCS

    11 months ago

    This is pretty new because it bypasses AV self protection modules.

  • @joepjoep9531

    11 months ago

    Good video Sophos now encouraged users / admins like they always did btw to install the client as a user not under an administrator account also for sophos home premium plus if you would have a windows login or pin you would need to know this before you are even able to turn self defences off on the machine and as you also said keep them out anyways but true it’s kind of new that it is possible this way and also they will never know the password to my admin dashboard with 2fa

  • @Entropy67

    11 months ago

    I don't think so. Getting a user to run something with their own (probably Admin) permissions is not very difficult at all. There are many different techniques that disguise executables as other types of files, and someone not paying attention could casually grant administrative privileges. It's actually not uncommon, and now your antivirus is essentially useless with this because it can kill it once you're compromised. Your antivirus can't do shit. Basically it proves that antivirus above the grade of what comes integrated with Microsoft are nearly a waste of time, because they can be directly killed the moment a mistake is made. You need to be even MORE careful about what types of files you run and exactly why there is an admin request popup on your screens. Never trust an outside file. Run everything through virustotal.

  • @50PullUps
    11 months ago

    Yet another reason to never use an interactive logon session where the owning identity holds local admin rights.

  • @Bryxint
    11 months ago

    I have a question if you install an software and ends being a is malware software right. And supposed it sends all chrome history of the session to the hacker does that count like a cookie? like he can do stuff on their computer or not. Like my already logged on session mess with or the to login etc. maybe im not making sense. I’ll appreciate it :)

  • @octavio4167
    11 months ago

    Hey bro u should do a video of a Expired Kaspersky License vs Malwares! It would be a very interesting video cause my subscription ended like a month ago and I would like to know if it’s protecting my PC since there’s no other video like that in KZread rn. Thank you and keep the content! It’s awesome and entertaining to watch

  • @LakadMatatag2702

    11 months ago

    From my experience, you can always trust Kaspersky. Their product is superior, just my opinion🙂

  • @trivalentclan-mizar9591
    11 months ago

    Covered on Malwarebytes June 6, on Trendmicro May 2, and Bleeping Computer on May 31. Lots of people posting questions about why their antivirus is blocking this “driver” after these publications. Apparently using Google is too hard for some people.

  • @Shuubox
    11 months ago

    Wow, just found it on my system..I don't know if this is a remnant file from when I installed Zemana years ago, as the file date is from 2018, and I don't know if it's just been sitting there or not, but yeah.. I don't remember my AV shutting off though, so I guess there's that.

  • @ezruy
    11 months ago

    this is why you never ever use an admin account for day-to-day use

  • @powerpc6037

    11 months ago

    I use nothing else. But common sense is still required as you normally don't run every exe as admin after downloading, especially if you didn't download it intentionally. The admin account still asks you to run your exe's as admin if it requires some admin access and you still need to set the checkmark to "run as admin" to do so. We even had a game/program that wouldn't run on a normal account (don't remember the name), even when "run as admin" was checked. It really required an admin account for some reason.

  • @ezruy

    11 months ago

    @powerpc6037 there are ways to bypass UAC and run as admin using certain API calls. The user will get absolutely zero indications that this has happened unless they are specifically monitoring the related processes. The only way to prevent this is to use a non admin account.

  • @christopherleubner6633

    11 months ago

    Yup this is the Way...

  • @pivangaming8578
    11 months ago

    I wonder if core isolation can detect this driver as an issue

  • @Sitharii
    11 months ago

    OK, so what's your advice then? If something which has established superb performance over the years (like Sophos has done), can be bypassed and shutdown... well... what end-users can do to protect themselves then? --I really considered Sophos as the "pinnacle" of protection all these years, when I see something like Sophos being shutdown (0:40) it's like I'm witnessing a *security-nightmare*!!

  • @skippystyles
    11 months ago

    Does this still turn off let's say ESET when you have a password you have to put in to make any changes or uninstall it in the AV itself?

  • @1DAREDEVIL
    11 months ago

    Can a make a separate video on crowdsec for personal windows user or Linux user

  • @ardwetha
    11 months ago

    How is the driver loaded at runtime? I know there are ways to do it, but most of them require vulnerable drivers to be loaded, so this should be detectable, anticheats in videogames also detect it. I also started only downloading from trusted sources.

  • @HazyJ28
    11 months ago

    I love how of ALL AV, McAfee actually detects it 😂😂🤦‍♂🤦‍♂

  • @Tomb_Raider123

    11 months ago

    Other AVs may also be able to detect it. As vt analysis may not be the exact way of telling whether an AV is detecting it or not. It's been detected by Eset as well.

  • @NoEgg4u
    11 months ago

    Unless I missed it, or did not understand it, I did not see what it is that a victim would have done to get infected.

  • @domdomdomme1203

    11 months ago

    You have to click yes to a pop up in order to get infected, but if you don’t notice any suspicious drivers in your system32 folder and your AV is still up and running, you’re not compromised

  • @felicityc

    11 months ago

    Since it is just an .exe there are a variety of ways to deliver a payload to a victim. It could easily be disguised into something like a game crack or cd key generator, in a classic way. Or you could use one of those fancy new pdf urls to trick people into running an exe. Lots of ways, unfortunately.

  • @NoEgg4u

    11 months ago

    @@felicityc True. But we have an entire video warning about the dangers of this malware, and they gave no warning on how someone becomes a victim of this malware. For those that are not computer savvy, they are left worried about this malware, without a clue on how to avoid being a victim of this malware.

  • @JohnDoe-ln8jp
    11 months ago

    This is relatively simple to make - for a specific vendor - even without reverse engineering the AV/EDR itself. Just there are many vendors. But for someone selling this that would not be a problem. The issue is it will get detected after it's found in the wild, and then standard cat n mouse game. Most of the self-protection I've seen so far in commercial AV was laughable. At least as long as you don't just lock down all administrative access - which is not viable.

  • @pcsecuritychannel

    11 months ago

    Interesting, why do you think it is laughable? I thought MS made some progress with the whole AMSI/ELAM process allowing AV drivers to load before everything else and protecting malware from replacing it etc.

  • @TheFPSPower

    11 months ago

    For enterprise locking down administrative access is the default, if you need admin credentials you ask someone to do it for you with justification.

  • @JohnDoe-ln8jp

    11 months ago

    @@pcsecuritychannel that would be ELAM, AMSI is something that allows scanning scripts (like powershell) before executing them (and often causes more problems than solves). yeah, entering kernel space might be an issue, but most of those detections, incl proper hooking, are not implemented in the driver, instead they control the driver. ELAM is more of a way for early protection before the system services can do their job as they're not running yet. if you have admin privileges you can mess up those services, incl sending shutdown/pause command to any ongoing monitoring inside the driver - for most products. though I don't know how that works in enterprise grade EDRs, I've only ever used one, and didn't try to do anything untoward to it at the time :)

  • @JohnDoe-ln8jp

    11 months ago

    @@TheFPSPower true, but then again the malware in the vid wouldn't work then either. unless it only needs admin priv to drop the zemana driver, then it would work if you already had it

  • @fbiofusa3986

    11 months ago

    @@pcsecuritychannel All you have to do is get kernel access. All this does is manually map its code to a vulnerable kernel driver. Windows defender doesn’t even hook the most basic Win32 API calls, so I find it hard to believe they’re able to actively hunt down day one malware that’s running in root 0

  • @shilorigo6359
    11 months ago

    Thanks for the great effort

  • @davidfishwick5573
    11 months ago

    Surprised this is possible. I always assumed that if a process is run as protected (which antiviruses run at) then it required the process itself to terminate it (which had to be signed by the same certificate as the antivirus itself) precisely for this reason?

  • @PunakiviAddikti

    11 months ago

    All you need is to find a vulnerable driver and exploit it. If you put together a small group of really smart and malicious losers with too much free time and alcohol, they can find one in less than one month.

  • @yamenaly3219
    10 months ago

    Hello, I have a process in the task manager that is called "Book vopeme" and it runs a service called "Gnomebeatmapme" I believe it is malware I tried killing it before using the process explorer, I tried deleting the files, I tried deleting the registry keys but I can't access them and tried cleanbooting the laptop but I couldn't even disable the service and it shows up as unknown in virus total what should I do?

  • @user-tk5ru4hi9g
    11 months ago

    Can You test ClamAV and compare it with Avast, Comodo... other free AVs?

  • @richardh9071
    11 months ago

    An interesting EDR/AV bypass technique that is being used by ransomware operators currently is using legitimate antirootkit tools, like TDSSKiller, PowerTool, GMER, etc. As EDR/AV is effectively a rootkit, this approach can work well. I wonder if this Zemana AntiMalware driver technique is similar. One of my tasks when I start work tomorrow will be hunting for this Zemana driver, and adding custom detections to our EDR should it appear... and yes, we use one of the EDRs this thing terminates!!
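
Added example, not part of the comment thread or the video: a minimal hunt for the driver-load indicators named in the comments (zamguard64.sys, Terminator.sys, a Zemana signer), run over constructed Sysmon Event ID 6 (driver loaded) records. The host names, the sample signer string, the expected driver directory and the `zemana_hosts` allowance for machines with a known Zemana install are assumptions.

```python
import ntpath
import xml.etree.ElementTree as ET

EVT_NS = "http://schemas.microsoft.com/win/2004/08/events/event"
NS = {"e": EVT_NS}

# Indicators taken from this page: file names mentioned in the comments and
# the vendor whose signed driver is abused. Compared case-insensitively.
WATCHED_NAMES = {"zamguard64.sys", "terminator.sys"}
WATCHED_SIGNER = "zemana"
# Assumption: kernel drivers on the monitored hosts normally load from here.
EXPECTED_DIR = r"c:\windows\system32\drivers"


def _sample(event_id, host, image, signer):
    """Build one constructed Sysmon-style event (not real telemetry)."""
    return (
        f'<Event xmlns="{EVT_NS}"><System><EventID>{event_id}</EventID>'
        f"<Computer>{host}</Computer></System><EventData>"
        f'<Data Name="ImageLoaded">{image}</Data>'
        f'<Data Name="Signature">{signer}</Data>'
        '<Data Name="SignatureStatus">Valid</Data></EventData></Event>'
    )


# Constructed sample data; the signer string is a made-up placeholder value.
SAMPLE_EVENTS = [
    _sample(6, "HOST-01", r"C:\Windows\System32\drivers\tcpip.sys", "Microsoft Windows"),
    _sample(6, "HOST-01", r"C:\Windows\System32\Terminator.sys", "Zemana Ltd."),
    _sample(6, "HOST-02", r"C:\Windows\System32\drivers\zamguard64.sys", "Zemana Ltd."),
    _sample(1, "HOST-03", r"C:\Windows\System32\cmd.exe", "Microsoft Windows"),
    _sample(6, "HOST-03", r"C:\Users\Public\renamed.sys", "Zemana Ltd."),
]


def parse_driver_load(xml_text):
    """Return the EventData fields of a driver-load event, else None."""
    root = ET.fromstring(xml_text)
    if root.findtext("e:System/e:EventID", namespaces=NS) != "6":
        return None
    fields = {d.get("Name"): (d.text or "")
              for d in root.iterfind("e:EventData/e:Data", NS)}
    fields["Computer"] = root.findtext("e:System/e:Computer", default="", namespaces=NS)
    return fields


def evaluate(event, zemana_hosts=frozenset()):
    """Score one driver-load event; None means nothing matched."""
    path = event.get("ImageLoaded", "")
    name = ntpath.basename(path).lower()
    directory = ntpath.dirname(path).lower()
    reasons = []
    if name in WATCHED_NAMES:
        reasons.append("watched file name")
    # A valid signature is deliberately not treated as exculpatory: the
    # technique discussed here relies on a driver that is properly signed.
    if WATCHED_SIGNER in event.get("Signature", "").lower():
        reasons.append("Zemana-signed driver")
    if not reasons:
        return None
    in_expected_dir = directory == EXPECTED_DIR
    if not in_expected_dir:
        reasons.append("loaded from outside System32\\drivers")
    # Hosts with a known Zemana install still get surfaced, at lower severity.
    known_install = event.get("Computer") in zemana_hosts and in_expected_dir
    return {
        "host": event.get("Computer"),
        "path": path,
        "severity": "review" if known_install else "alert",
        "reasons": reasons,
    }


def hunt(xml_events, zemana_hosts=frozenset()):
    """Run the checks over raw event XML and return all findings in order."""
    findings = []
    for xml_text in xml_events:
        event = parse_driver_load(xml_text)
        if event is None:
            continue
        finding = evaluate(event, zemana_hosts)
        if finding:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in hunt(SAMPLE_EVENTS, zemana_hosts={"HOST-02"}):
        print(f["severity"], f["host"], f["path"], "; ".join(f["reasons"]))
```

Matching on the signer as well as the file name keeps a renamed copy of the driver in scope, which a file-name rule alone would miss.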

  • @pm29c
    11 months ago

    I have an old laptop around 10 years so it saw some action. The windows defender flagged zamguard64.sys in system32 today as a serious threat detecting the trojan:Win64/Spyboy!MSR is this a potential threat or does it mean that I got infected with that virus already? No folders were encrypted or anything. And besides starting with only ms services and running a full scan what should I do?

  • @HonchHeado
    11 months ago

    I mean trying to shut down comodo firewall as admin is impossible you can shut down the GUI but the kernel process still runs obeying its rules. You have to uninstall it even then you need a tool to get rid of it all. But imagine when they have malware that uninstalls your AV/FW turns off UAC in the background with no GUI windows now that will be something.

  • @GalaxyXYZ888
    11 months ago

    Can you please compare free antivirus to the premium basic offerings? like avast free vs bitdefender free and against bitdefender antivirus plus

  • @joshuakerekes6457
    11 months ago

    This won’t work with WDAC and running as a standard user, which most corps are now doing.

  • @7rich79
    11 months ago

    I wonder if it works better than Sophos own SophosZap to kill broken installs ;D

  • @domdomdomme1203
    11 months ago

    I’m basically a noob when it comes to such things, but why for the love of god does it take the AV vendors so damn long to just blacklist this? I mean at this point it’s out for over a month and still only at 8 detections according to Virus Total

  • @powerpc6037

    11 months ago

    since it requires the checkmark "run as admin", I guess most AV depend on your common sense to not run unknown exe's, especially with that checkmark enabled after some download is complete, and won't bother to implement actions to blacklist it

  • @domdomdomme1203

    11 months ago

    @@powerpc6037 I set UAC to the highest level possible now just to be safe

  • @DominicFlynn
    11 months ago

    So... It needs to ask you run as admin.. then it can do anything... Just like any other program that runs as admin. What's surprising?

  • @cris33311
    11 months ago

    I received 3 days ago a random email with a .ics file (iCalendar) and I didn't open it, just flagged it as spam. I did some research and I found out that a .ics file could have an URL from a website/server which is running viruses to install. Please make a video or remind people to not open random unknown emails with attachments. Usually, unknown random emails contain lots of numbers and letters in the message. The message is harmless but the attachment is the bomb.

  • @Theloverboy2987
    11 months ago

    When are you going to test antimalware software again ?

  • @timetorelaxfocus9642
    11 months ago

    Thanks for this video

  • @teddym2808
    11 months ago

    Also, would Comodo sandbox thwart this from destroying system?

  • @PicaroPlus
    11 months ago

    I think I have this how do I get rid of it I'm so scared Edit: I factory reset, it seems to be gone

  • @JamesSmith-sw3nk
    11 months ago

    What happens when a version like this virus disables UAC and survives an OS reinstall, lives in the motherboard's bios, etc.

  • @markae0

    11 months ago

    How much memory in the BIOS?

  • @Puda

    11 months ago

    Is that even a thing these days? I thought it wasn’t possible anymore.

  • @arc8218

    11 months ago

    how much memory is ur bios ? 100mb? xD well if they can make small enough to fit in ur bios memory

  • @turkiyett0928

    11 months ago

    Wow good idea😊

  • @heart755
    11 months ago

    the registry exclusions thing is a thing I discovered 2 years ago but never said XD and I put malware and stuff

  • @MadMaxRoadFury
    11 months ago

    Kills Defender? Sound great, where can I download it?

  • @hiru92
    11 months ago

    can it run on winehq linux 😮

  • @Stadtionalist
    11 months ago

    Kudos for being a Rossmann fan

  • @wildstorm74
    11 months ago

    It's sad people focus on attacking a lot more than defending.😒

  • @Igloomemes
    11 months ago

    Let's say I got the malware and I don't want my data, I just want to remove the virus and make my computer run again with no problems, what should I do?

  • @1p2k-223

    11 months ago

    Then reset it. If you want some data, you can copy it into a USB and scan the USB with an antivirus without admin rights

  • @igorthelight

    11 months ago

    You could reinstall the OS or start from an USB drive with an antivirus and try to clean your system.

  • @alessandro3950
    11 months ago

    What about COMODO?

  • @___rick_sanchez___.137
    11 months ago

    Can you record content of *Pegasus Spyware* ?

  • @pcsecuritychannel

    11 months ago

    I talked about it in the antivirus for your phone video.

  • @pat93ziger
    7 months ago

    Terminator.sys wont load with secureboot and tpm 2.0

  • @joepjoep9531
    11 months ago

    Round 2 I will see them both my audio wasn’t bad the first time but nice quick fix for those who had problems with the audio

  • @NotXiAnzheng
    11 months ago

    Mcafee : HA! You cant kill me , if i trash the OS first

  • @zzador
    11 months ago

    That's so inconvenient for Microsoft and the NSA. Now they have to close the security hole and create another one. You evil security researchers...shame on you.

  • @HonchHeado
    11 months ago

    Why does no one mention comodo firewall its defense function scans these files in the cloud they picked this up ages ago.

  • @SunnyWu

    9 months ago

    The company hasn't updated since 2021.

  • @HonchHeado

    9 months ago

    @@SunnyWu Actually it has and still works good. Say hello to Winny the poo for me Mr CCP LOL

  • @edwinpj7637
    11 months ago

    So now we should start protecting the Antivirus from virus? 🥺

  • @TomokoAbe_
    11 months ago

    I wonder if Kaspersky free can stop the terminator Malware. I use both Kaspersky free and Malwarebytes free. Kaspersky has kept my system clean. Malwarebytes confirms no malware on my system. Kaspersky will want you to remove Malwarebytes, but they both work fine on my system.

  • @dipoharryo6419
    7 months ago

    6:45 ...got "Distracted"

  • @mkumar04
    11 months ago

    now the things are going dangerous, i was thinking as long as you have any premium antivirus running ,you are safe 😢😢😢 now that time is not far enough when people says " if you want to stay safe ,dont use internet""😤😤😤

  • @SunnyWu

    9 months ago

    Anti-virus doesn't block 100%. It will always be a cat and mouse game. Funny you say, don't use internet. When I was a kid, I actually wrote a small malicious script (it would eject your disk drive at random intervals, yeah I was bit of a rascal back then). You can spread stuff like that offline too you know through social engineering. If I remember correctly, on Windows XP, I was actually able to inject it into the Windows startup too. A couple friends got somewhat mad at me. lol

  • @mkumar04

    9 months ago

    @@SunnyWu you are saying , you are not safe in any way ? be it online or offline ??

  • @phartmandius
    11 months ago

    Damn I need this just to uninstall Norton

  • @LakadMatatag2702

    11 months ago

    I once tried to uninstall my Libre Office. It keeps saying that the msi file doesn't exist anymore and won't continue the uninstall. I gave up for a long time and then when I come back to this stubborn program, I just downloaded an arbitrary msi and put it in the right folder, renamed it to the required name and then Boom, the uninstall process suddenly went smoothly LOL.

  • @postedinthecut1565
    11 months ago

    so how to avoid getting infected?

  • @arc8218

    @arc8218

    11 months ago

    just don't disable UAC

  • @SunnyWu

    @SunnyWu

    9 months ago

    Use a condom.

  • @ChethanYadav
    @ChethanYadav 11 months ago

    First one yo thanks for the good content

  • @moogleking
    @moogleking 11 months ago

    The terminator terminates

  • @realWorsin
    @realWorsin 11 months ago

    The best method is don't download anything you do not already know what it is and where it's coming from. I've been online since 1992 and had a virus 1 time ever and it was in the very beginning of computers. Ever since then I am exceptionally careful of what I click on and what I download.

  • @LakadMatatag2702

    @LakadMatatag2702

    11 months ago

    Or rather find a reliable source to download from. I am from Vietnam and I once downloaded Grammarly premium from an unknown source and my laptop was infected. But I also downloaded a lot of cracked software from Vietnamese sites and they never scam me, the cracked software always works. So you know my moral story, only trust my Vietnamese site when it comes to cracked software (I heard that these sites got the software from the Russian sites and then upload it to their page, but whatever).

  • @WololoWololo2
    @WololoWololo2 11 months ago

    Bitdefender Total Security Vs Kaspersky total security Vs Terminator Malware

  • @NightOwlGames
    @NightOwlGames 11 months ago

    LOL i actually called my PC The Terminator

  • @johnsmith1953x
    @johnsmith1953x 11 months ago

    What about McAfee?

  • @andyspark5192

    @andyspark5192

    11 months ago

    ask the guy from @Terminator-le1ye , he showed that Kaspersky gets disabled 

  • @mkumar04

    @mkumar04

    11 months ago

    @andyspark5192 link please

  • @Tomb_Raider123

    @Tomb_Raider123

    11 months ago

    As you can see in the video McAfee is able to detect this threat.

  • @jGRite
    @jGRite 11 months ago

    P.S. Please don't use it to make malware))) Respect the three ).

  • @casualamber

    @casualamber

    11 months ago

    You think bad actors are gonna listen?

  • @DePhoegonIsle

    @DePhoegonIsle

    11 months ago

    You only say that if you are one of 3 mindsets. 1. A complete & utter fool 2. Covering your ass legally because you know what it can do 3. Covering your ass legally, while winking at the true purpose.

  • @SunnyWu

    @SunnyWu

    9 months ago

    It's like those people who post copyrighted content on KZread and say "copyright infringement not intended" or people who put "for educational purposes" on a dangerous video. lol

  • @andyvitz
    @andyvitz 11 months ago

    You should never trust anything that takes admin privileges anyways

  • @terry5008
    @terry5008 11 months ago

    Well, of course. If you have admin privileges you can do anything. That's why you should do all of your normal activities as a user.

  • @drinkintea1572
    @drinkintea1572 11 months ago

    I don't understand why literally every program needs admin rights

  • @philr.2661

    @philr.2661

    11 months ago

    It's to prevent attackers running malicious programs, collecting your data, corrupting your files, executing programs in your task manager, changing your computer's settings without your notice. If you have an AV, it will detect most of these threats.

  • @teddym2808
    @teddym2808 11 months ago

    So the "meme" Mcafee is one of very few who was updated quickly to detect this. And Malwarebytes. Hmmm. BD and Kaspersky as of the time of this comment still just let it fly on through.

  • @DaveAdams222
    @DaveAdams222 11 months ago

    Hmmm . . . let's see what we've got here . . .
    $ cd "C:\Windows\System32"
    -bash: cd: C:\Windows\System32: No such file or directory

  • @TomokoAbe_
    @TomokoAbe_ 11 months ago

    I back up my entire computer system every 2 weeks. In the event malware or ransomware infects my computer, I can just wipe out my hard drive and restore it. Simple fix!

  • @ruben_balea

    @ruben_balea

    11 months ago

    @yougoonie3338 That already happens to those using -Amazon- *Scamazon* devices, at least it happened to one guy. Source: "Amazon accuses customer of racism & shuts down their smart home - ENOUGH CLOUD JUNK!" video by Louis Rossmann

  • @guilherme5094
    @guilherme5094 11 months ago

    👍

  • @rasalkumarshaw3565
    @rasalkumarshaw3565 11 months ago

    Dear TPSC, I hope this letter finds you well. I'm writing to express my excitement about your upcoming video on creating a custom Windows 10 and Windows 11 Lite ISO file for low-spec laptops. Your expertise will undoubtedly empower countless individuals to optimize their computing experiences. Thank you for your dedication and contribution to the technology community. Best regards, Rasal Kumar Shaw

  • @user-vu2ou5wj9k
    @user-vu2ou5wj9k 9 months ago

    It won’t work with Deep Instinct. Lol! Technology has moved on.

  • @ArchivedCertainly
    @ArchivedCertainly 11 months ago

    This only works if UAC is disabled. Don't get fooled

  • @PanteraPanther
    @PanteraPanther 1 month ago

    It's horrible wow

  • @Coldest_Siren
    @Coldest_Siren 11 months ago

    Simple fix Delete task manager

  • @jbodden6977
    @jbodden6977 11 months ago

    SHOULDN'T SOMETHING AS CRITICAL AS TASK MANAGER BE PASSWORD PROTECTED, AT LEAST AS AN OPTION???

  • @davidfishwick5573

    @davidfishwick5573

    9 months ago

    There is a GPO to disable task manager available. However this doesn't prevent users from using commands such as Taskkill to achieve the same.

  • @marlin5898
    @marlin5898 11 months ago

    You deserved to be hacked if you are using Sophos.

  • @4k.69
    @4k.69 8 months ago

    2nd time asking to make a video on djvu/stop ransomware and .ooza extension ransomware

  • @Vy-ud1by
    @Vy-ud1by 10 months ago

    I don't wanna see these videos fofff

  • @CarbonGlassMan
    @CarbonGlassMan 11 months ago

    Antivirus that can be turned off or doesn't stop every virus is worthless and a class action lawsuit should be brought against every last manufacturer of the software. What is the point in buying antivirus software?

  • @MikaelKKarlsson
    @MikaelKKarlsson 11 months ago

    The only AI we can trust.

  • @andrive
    @andrive 11 months ago

    Early nice

  • @KoKoTAdamzzz
    @KoKoTAdamzzz 11 months ago

    millionth :)

  • @lordfatcock
    @lordfatcock 11 months ago

    The only bad thing about something like this is someone taking that code and improving it. It happens all the time, the whole black hat market is full of people that will backstab you. Thus stuff like this is more likely to fall apart since nobody helps anybody.

  • @agnieszkagensieniec2609
    @agnieszkagensieniec2609 11 months ago

    Not first :)

  • @edcollante
    @edcollante 11 months ago

    "Russian hackers". Oh dear...

  • @h7df
    @h7df 11 months ago

    first :)

  • @Cobra_bushcraft
    @Cobra_bushcraft 4 months ago

    dislike works yeah

  • @renewagain6956
    @renewagain6956 11 months ago

    First!.exe

  • @DeDroplet
    @DeDroplet 11 months ago

    First If you’re a real one then you know it’s a reupload.

  • @johnsmith1953x

    @johnsmith1953x

    11 months ago

    It seems you're last.

  • @LightADSLG
    @LightADSLG 7 months ago

    So the best antivirus is your common sense

  • @sturmalpha7288
    @sturmalpha7288 11 months ago

    First

  • @officalcassiopeia

    @officalcassiopeia

    11 months ago

    How did you comment 6 minutes ahead of the video's upload time

  • @sturmalpha7288

    @sturmalpha7288

    11 months ago

    @officalcassiopeia I'm a malware

  • @MdAsad-fm8lq
    @MdAsad-fm8lq 11 months ago

    Twitter trending 😅 Moscow, Putin, Russia
