Your Anti-Virus LIES to YOU

Captions
Viruses, and how your antivirus lies to you constantly. There's a lot of false positives out there, and we need to talk about how antiviruses work and specifically what has happened to me specifically. I feel like I've almost been targeted, even though that's not the case. I've recently had a Trojan, uh, flag that's happened on the actual, uh, toolbox, Windows toolbox. Windows Defender, yesterday, March 28th, if you updated your system with the latest updates (specifically, I have the KB articles down there), they started flagging my version of the toolbox before I updated it through GitHub. The crazy thing about that update: I really didn't change any of the code. It just changed the hash, and then all of a sudden things started working again and the script is no longer flagged. But it begs the question: what is going on with antivirus and Windows? Because I'm not the only one.

Specifically, I got, uh, this Trojan leak, and people are like, "Oh, I'm going to submit this report," and they did a VirusTotal, and look, it's a whole bunch of different Trojan detections. And, you know, seven out of 60 antiviruses flagged it as a Trojan. In this one, Trojan Win32 Casdet rfn flagged it as an antivirus. I'm like, no, it's a false positive. No idea what Microsoft's doing, but it ain't good.

But I'm not the only one this is happening to. If we look on Stable Diffusion, one of the most popular AI image generator tools out there, it's free and open source, and when you build it, oh, the GUI, and Stable Diffusion is flagging this as a Trojan Win32 Casdet rfn. Yeah, interesting. And this is just a simple Python script. And then I posted a screenshot of this, "the script contains malicious content and is blocked by your antivirus software," and the top comment is, uh, from a developer called Jeremy: "Microsoft also does this to every Python script that's packed with a packager that isn't signed after paying the extortion fee to the company."

I went into package signing. I'll try and link the past video where I was like, okay, this is ridiculous: if you pay $300 and sign an executable, you can pretty much bypass any antivirus. So it's pretty much just a racket. But I don't want to do that. If we look, everything's still open source. If you want to know what tweak is being done, it's all right here, and I even broke it apart into separate JSON files. So if you only want to know what my tweaks are doing, and you want to go, "Hey, I want to know what hibernation tweaks or activity history tweaks are being done," here's all the registry edits that are done, in a plain JSON file. Everything is readable. Uh, if you want to just see the full script with all this combined into one, winutil.ps1 is what's being run when you run that command. It's this script. Everything, you can read it. It's simple PowerShell commands from Microsoft. You're not downloading things. So I'm like, okay, what is happening? And we'll get into the actual thing.

But one more example, just to prove my point: curl.exe, one of the biggest devs out there, has been blocked and quarantined by Microsoft Defender as well. Curl is known in the open source community all over the place. Everyone uses curl. And you can see Brodie made a video, "curl Creator is sick of bogus CVE security issues." There's a blog post accompanying that saying, hey, what are these Windows users doing? You know, he's just really mad at the antivirus companies, and rightfully so, because he should not be getting flagged.

And this kind of boils down to how antivirus works on Windows. Uh, well, there's multiple different ways it's done, but really the big thing is the heuristics that are done. And what that means, heuristic analyzation, is basically it looks at viruses and how they do things, then it takes bits of code and looks at your program and says, are the same kinds of bits of code there? And if they are, maybe this is a virus. It might flag that as a virus even though it's innocent enough code. It just means that some virus manufacturer might have used that code somewhere in there.

And I'll give you a good example of this. Let's load up Windows, and what I'm going to do from a fresh Windows (we'll close this) is I'm going to run my script, but I'm going to do it improperly. Normally I just say run as terminal with admin, and it elevates and runs. However, I've coded something in my script where, let's say you want to run something in Windows, uh, my script, but you don't have proper elevation. Let's do an irm christitus.com/win and pipe iex to execute the script. It downloads, and what this does is it goes out, grabs the script, and goes, "Oh, you're not administrator." It self-elevates itself and runs it.

Now you might be thinking, "Oh well, Chris Titus, programs should not self-elevate." Well, yeah, they shouldn't, but Windows is designed by crackheads, and basically there's a bunch of different ways to self-elevate, and my program needs system access to do system tweaks. Makes sense, right? So if you go to tweaks and you want to disable telemetry, you want to disable a lot of system services, you want to disable how IPv6, the Teredo tunneling, because you don't want the conversion and extra latency going between IPv4 and IPv6, these are big system changes, and you need administrative privileges to do those changes. It makes sense. But that also is going to be in a virus, because a virus wants to make changes to your system as well. So that same type of code that's used for elevation is in a virus, but it's also in my script because, well, I need system access.

So that's one thing, but there's also other lines of code that not very many people are doing, and if you do this and you run this in the future, this won't be here. So I'm going to just tell you what I have to kill to appease the antivirus gods, and that's going to be Disable UAC. This one's a big one. Uh, I don't like UAC that much. I find, hey, if I'm going to run something, I know I want to run it. But I understand UAC kind of exists to protect users, and I get it. So I'm going to have to actually get rid of that. I'll have to do that tweak manually outside of my toolbox, because I know antiviruses are going to see that. And same thing: most viruses that run on your PC are going to want to disable UAC, so it makes sense that they look for that type of code.

Also, removal of, like, AppX and Microsoft Edge. These are big system processes, and I honestly don't recommend running them. And since I've gotten so many issues with these, I don't know if an antivirus will necessarily flag because of the mass removal, but honestly I'm just tired of people giving me issues about it, going, "Ah, my system broke," or "I can't install VS Code," or Visual Studio, or all the other things because I removed Edge. A lot of people don't realize, if you're running Windows, you're running Edge, because Edge has so many subprocesses in the background, and if you click this and remove it, it likes to strip out, like, WebView2 and all these other dependencies, you know, so on and so forth. So I probably will remove these things from the toolbox. So enjoy them while they last, but it's not long for this world, mainly because of that problem I'm having.

So that gets me back to here. Does Microsoft, are they targeting me? Are they coming after the toolbox because they don't want telemetry disabled and people to strip down their Windows? I don't think so. I honestly think it's just heuristic analyzation and the flawed nature of antivirus on Windows. And, you know, I think rightfully so, and I endorse this comment honestly on this video: "Just use Linux or Mac." Both aren't going to have this problem, because they're actually designed in a Unix-style environment. I'm just sick of Windows a lot of times, and having to deal with this, and then having, you know, to get inundated by people saying I'm infecting them, and I'm coming after them, and I'm a bad actor, because I'm giving out a free and open source piece of software that anybody can take, anybody can run, anybody can read, and, uh, not locking it behind a paid executable with a code-signed binary where I pay the $300 and get the SmartScreen filter and all the other crap, uh, that's required to do that.

Uh, it's just really aggravating. It is, from a development standpoint. You know, the reason why I built this script was so you can have an enjoyable experience on Windows, and this type of thing is just really aggravating, and why so many people move on from Windows, and why Windows was going to continue to lose market share. Antivirus isn't going to save you. And if you're the type of guy that's like, "I got to get my warez, I got to get my torrents in and get my free stuff," and, uh, you want to engage in a bunch of risky activity, no antivirus is going to protect you either. It's that mentality, and it's just aggravating. It really is.

And I'm going to continue working on this. I'm going to continue, obviously, open sourcing it and keep going through. I just wanted to make this video just to say, man, I'm so fed up. I'm so fed up with Microsoft's antivirus. The antivirus industry in general is just terrible, and you just don't run into that, uh, on Linux or Mac. And I really hope more people switch, because I really don't like where, uh, Windows is headed, and it's just in a downward trajectory, and there's a lot of things about that industry that's just nasty. But yeah, anyways, I'm done. I'm out of here.

Info
Channel: Chris Titus Tech
Views: 37,797
Keywords: chris titus tech
Id: MuBeblbUXpU
Length: 10min 24sec (624 seconds)
Published: Sat Mar 30 2024