How to Avoid 99% of Malicious EXE Files

How to Avoid 99% of Malicious EXE Files

ThioJoe

5 месяцев назад

62,652 Просмотров

Ссылки и html тэги не поддерживаются


Комментарии:

@Zi7ar21
@Zi7ar21 - 04.01.2024 06:48

Me: Runs a malicious Windows executable, "oh no!"
Also Me: resets WINE prefix because I use Linux

Ответить
@eltusYT
@eltusYT - 04.01.2024 06:43

Day 2 of asking: what if you delete the start menu folder

Ответить
@pimplyface64
@pimplyface64 - 04.01.2024 06:34

I'm glad you stopped trolling

Ответить
@reeshomer516
@reeshomer516 - 04.01.2024 06:15

Major red flag for malicious emails is the presence of any sort of executable file. Why someone try to send them atal?

Ответить
@mohamad20zx34
@mohamad20zx34 - 04.01.2024 06:05

I use Linux with wine in a m so I don't even have to worry about getting my PC infected

Ответить
@sandstorm7883
@sandstorm7883 - 04.01.2024 05:58

Damn I wish I could have used these amazing tips but .exes won't even run on my Mac.

Ответить
@flybalbu
@flybalbu - 04.01.2024 04:30

My old laptop got infected from malware that came from an exe
I was in class and in a rush while downloading it so i didn't check anything

Ответить
@stranded_mariner7695
@stranded_mariner7695 - 04.01.2024 04:07

Windows pro has a sandbox, you have to enable it in the windows features, but it's a very useful tool. For people who don't have Windows pro, there is a work around to get it enabled, or you can use sandboxie. These are often overlooked

Ответить
@13thravenpurple94
@13thravenpurple94 - 04.01.2024 03:52

Excellent video 👍 Thank you 💜

Ответить
@Einaudi-ms5ei
@Einaudi-ms5ei - 04.01.2024 03:46

I should have watched this before running 800Mb .exe windows activator

Ответить
@Stratelier
@Stratelier - 04.01.2024 03:33

Worth noting that at least some open-source projects will post a hashvalue (e.g. md5 or sha256) of the download package, which (to whatever extent you already trust the source) provides a way to verify that the downloaded file is what they claim it is.

Ответить
@Kryzys1
@Kryzys1 - 04.01.2024 03:27

Intro killed me 😂
Thanks, man of science.

Ответить
@UltraZelda64
@UltraZelda64 - 04.01.2024 03:19

Easy: Use an operating system that is so archaic that it depends on the file name extension to determine its file type, that doesn't go out of its way to hide those file name extensions from users, and whose file manager doesn't easily get fooled of the file type by appending additional extensions to a file name. In short, don't run Windows... run a UNIX or UNIX-like system instead.

Ответить
@jaceydurland9098
@jaceydurland9098 - 04.01.2024 02:27

Gotta love all of the people who expect me to ditch my PC, forsaking all of the programs I'm used to, buy another computer and relearn another operating system just because it is their opinion I shouldn't use Windows. Yeah, like I'm really gonna do all that because you said so.

Ответить
@Its_Jordan
@Its_Jordan - 04.01.2024 00:38

It's pretty easy to know what's fake and what's not in email phishing. I don't get emails from hackers and scammers, but they are on my dad's emails, and I tell him if the emails he gets are real or not. They always say Your email name, not your actual name, since the person who is trying to hack or scam you won't know your name unless they get all the details from a data breach.

Ответить
@near5148
@near5148 - 04.01.2024 00:34

Only download files from trusted sites that you trust but if it looks suspicious like it has fake download button it's a virus

Ответить
@ethimself5064
@ethimself5064 - 04.01.2024 00:29

That Digital Signature Tab must be in Windows 11 as not in 10 Pro

Ответить
@haon2205
@haon2205 - 04.01.2024 00:17

I have an exe of jasc paint shop pro from 2001, I'm surprised it was even signed way back in 2001

Ответить
@jonessii
@jonessii - 03.01.2024 23:53

stop using AI please

Ответить
@MegasXLR
@MegasXLR - 03.01.2024 23:29

"If it's signed, it's probably fine" - nice rhymes man :)

Ответить
@josephtucker9612
@josephtucker9612 - 03.01.2024 23:07

I had a problem once with all the exes that were signed was invalid. It was on a virtual machine that I had not used in a long time. I just had to run an update so my root certificates would get updated and that fixed the problem.

Ответить
@vladislavkaras491
@vladislavkaras491 - 03.01.2024 22:32

Great tips!
Thanks for the video!

Ответить
@fluentmoheshwar
@fluentmoheshwar - 03.01.2024 22:26

Don't use unsigned application if it's not open source

Ответить
@zxuiji
@zxuiji - 03.01.2024 22:20

I say there's a simple way for micros**t to ditch signatures for something more secure. Private compression algorithms, devs can continue to use exe's for testing while for users they should expect some new format from m$ that is the original exe encrypted via some private algorithm, one they can update on a regular basis to make hacked ones harder to pass on. The OS just has to unencrypt the new format and run the exe normally. If the encryption used doesn't match what the updates provide it's auto flagged as unsafe. m$ can just add an id of some kind to the encrypted exe files that can then be used to download the newest version the encrypted exe (as in when they update the algorithm the copy of the exe they have gets reencrypted and replaces the existing one that use to be downloaded). Can't say this is my favourite method given it requires closed source code but it IS a reasonable windows specific solution.

Ответить
@Steamrick
@Steamrick - 03.01.2024 21:44

This doesn't always mean anything. Remember your own "Never Wonder About Weird Windows Error Codes Again" video from two months ago? Microsoft signed the err.exe file with a root certificate that's not trusted by Windows 11... (nor Server 2019, which I also checked.)

Ответить
@BillyRichardson
@BillyRichardson - 03.01.2024 21:13

nice tip Thio, but here's a tip for you: my family is still owed an ethernet cable by you

Ответить
@ricgl84
@ricgl84 - 03.01.2024 21:11

I have another tip, stop using Windows.

Ответить
@666KoXz666
@666KoXz666 - 03.01.2024 21:03

I have app locker turned on, from previous video

Ответить
@user-gz4us9jn8w
@user-gz4us9jn8w - 03.01.2024 21:00

Thanks for the information,

Ответить
@LostShadowGD
@LostShadowGD - 03.01.2024 20:48

I ❤ GitHub

Ответить
@nutherefurlong
@nutherefurlong - 03.01.2024 20:42

How is Firefox's pdf reader compared to Adobe's, when talking about security?

Ответить
@DrJams
@DrJams - 03.01.2024 20:42

Best protection against ransomware is window's controlled folder access.

Ответить
@Melody666
@Melody666 - 03.01.2024 20:37

Digital Signature means nothing. Small developers usually don't sign their binaries, but this does not mean that they are dangerous. Better tip is to AV scan or run your executables in a VM. Use virustotal and clamav to scan the binaries.

Ответить
@GdShard5
@GdShard5 - 03.01.2024 20:36

Happy new year you really are the legend of tech

Ответить
@ejonesss
@ejonesss - 03.01.2024 20:34

how would malware get signed in the rare cases except if it is using stolen certificates and hopefully the stolen certificates would get reported and nullified.

Ответить
@Zecr
@Zecr - 03.01.2024 20:30

Doesn't windows automatically check signatures when running an exe (user account protection)?

Ответить
@Nicho2020
@Nicho2020 - 03.01.2024 20:22

There's no menu item 'preferences' under 'edit' in my Acrobat Reader.

Ответить
@gFamWeb
@gFamWeb - 03.01.2024 20:17

How to avoid 99% of malicious .exe files: just don't use them most of the time. Granted, I don't use Windows, but even if I did, my most used program would still be Chrome (what it is now). If you're ever finding yourself where you want to do something and the only option is to run some random .exe file, maybe reconsider.

And if you're worried about running a disguised file, .exe files disguising themselves really only works if you don't have "show file extensions" on.

Ответить
@Gerg0Vagyok
@Gerg0Vagyok - 03.01.2024 20:13

i use linux, sooo

Ответить
@Tob-wf-h6-ir
@Tob-wf-h6-ir - 03.01.2024 20:11

Use Linux

Ответить
@TheDoctorFlay
@TheDoctorFlay - 03.01.2024 20:04

Considering most malware creators get a free cert from Comodo and Sectigo, looking for a valid cert is not useful anymore.

Ответить
@asshole124
@asshole124 - 03.01.2024 20:02

56th

Ответить
@user-kj2pl9qh5c
@user-kj2pl9qh5c - 03.01.2024 19:53

Can u make a video about how to check if zip file containing virus both on mobile and PC and laptop

Ответить
@Kramer7969
@Kramer7969 - 03.01.2024 19:50

Who the heck is using email still? Oh, people who probably aren't watching this type of videos.

Ответить
@GiantLittleWolf
@GiantLittleWolf - 03.01.2024 19:47

How to avoid malware: Dont have internet

(Stolen)

Ответить
@_nr1
@_nr1 - 03.01.2024 19:46

Better tip is to actually check what you downloaded because malware can be signed all the time and plenty of small projects release unsigned binaries.

Ответить