I am banned for the server, how would i contact back since its a false ban

@@uricot message one of the mods.

@@pcsecuritychannel how would i find one, i dont remember their tags or usernames

This comment should be pinned or added to the description.

Dude in 30 years ive not gotten a virus like this once how are people this bad that there scammed so often I mean gmail has always had good scam block

What an awful company, the fact that you cared about the customers is admirable

👍

Name that company

Thats crazy, sounds like they needed to reevaluate their procedures, are they still in business? Not looking for a name just curious if they could really establish a solid customer base. I would rather take one or two calls and ensure that their system was completely clean and working to its best ability, than lots of calls and customers that eventually walk away and find someone who does it properly.

@@lenseeing829 if they still exist that would be worthwhile

XDDDD WE CALLED IT BIGFOOT

must've been a pain playing games then seeing them crash and being unable to end it

@@lerebox drove me nuts, esp since I just got a used card off ebay and wasn't sure if it was the card. Tbh it still can crash games after 30mins or so but I gave up on diagnosing it :D

There is a high chance it would be a crypto miner that works on the background and doesn't allow you to stop it

@@quincho6949 It was supposedly Floxif.H, which Windows Defender labels as a 'well known threat that's automatically removed.' Not quite :

Same here! I worked in the world of PCs when they were just beginning and up until about 2000 +/-. Now, I am way behind on everything. It's going to be some serious catch up work to get back up to speed. This channel may be my ticket to success.

Nots so great then is what your trying to say?

@@trafficjon400 Man why you gotta be like that

​​@@trafficjon400 lay off the crack he said it's an amazing tool

need help, tried ftk imager and dumpit but upon pressing to capture memory the ram crashes and the system reboots after collecting error data...

holy shit thanks for the cmd tip!

@@Erlisch1337 youre welcome!

thx for the easy cmd tip :D

no fucking way! I always shift-rightclick... holy shit, what a gamechanger :D haha. So simple! Thanks!

felt the same way as you all when I first found out lol. you're welcome

You're gonna have a bad time

@@cursedpotato64 why

i did my time doing that, over time, you start to figure out what's normal and just has an odd name, and what's actually a problem. I just remember once in the early 2000's, someone swore by norton who showed their system was safe, and that means they had no virus. I installed pc-cillian and spybot and got over 5000 viruses on the computer. That was the day that i learned that people trusting brands way to much, and started to try to difersify my toolset (except spybot: search and destroy, never found a good replacement before i stopped doing much comp repair for people)

as would we all

The only thing you can do to be completely safe is to wipe your PC and perform a brand new install of your operating system. Reinstalling from the compromised system software may not work with rootkits/trojans that are deeply embedded in the operating system's code.

@@itsTyrion hey wondering if you or anyone else can help I just did exactly that and complete fresh start I download Norton and malwarebytes start searching, nothing comes back ever full scans. I disable everything that autoruns it seems to come from Microsoft onedrive and I can’t stop the files from autorunning but I seen them… it’s still trying to create files n such. It’s renamed n made Norton and malware bytes useless as the it tricks the scanners… cause ur rewrites them . Just tried to do Microsoft defender offline scan and gets to about 93% and shuts off… please anyone I could really use your help.

@@34ogx maybe the usb drive is infected too and thats how the virus stuck around?

@@grill6411 well my buddy made the instillation media for me on his own desktop I lost all my files just saying f it and trying to get rid of this. I have a screenshot of it but I still don’t know how to remove it.. It says it did watsonreport so it followed me over I guess? Image:jokeyaklog/FargoodIcy/BagZoorWar/CanlabEgg.exe Appname:Skydrive setup Then it gave itself permissions… please if anyone could help. I already lost everything just trying to play my video games again.

Seriously ? Downloading a third party software and you're not suspecting anything ? I've searched for Dumpit, and the only "safe" download was from Comae and you must sign in and wait for check up. It is actually SCARY AF to think that "professional" are actually using third party software with thinking about security breaching. Someone tell me if I'm missing something.

Really? When I was in school for Cybersecurity/Cyber forensics we did a lot of white hat/ethical hacking and even some black hat stuff as part of the learning process. Maybe I'm just misunderstanding you, haha.

Id rather just wipe everything since i can redownload all of my games etc in like 2 hours

It'd be a better idea to educate people on how to make proper backups. Restoring a backup would take less than an hour for an average computer. Dumping the memory, going through processes and connections, doing 'forensics' basically, takes as long as it takes (days/weeks easily). And that is for people who have experience, the average user will never care to go that deep, nor will they care to fully remove malware. In those cases it's probably better to have the user know how the malware got in (usually they downloaded/clicked something fishy) and restoring backups.

I agree that not everyone might be interested, but isolating and learning how that program works or is hurting my machine interests not only me but everyone who's trying to learn in their own time and outside institutions that sometimes don't even teach us how to properly dissect malware and understand how and through were they attacking the machine. This was a great video btw i will definitely check my fams old laptops

Hi man, that is a very smart idea😁

Just remember, the infected system will likely infect the USB stick as well - don't use the stick on another machine after it has been in an infected one, before you have reformatted it and copied the stuff back on it from *clean* system.

You mean like in the other two videos I’ve created one of which is in the description also referred to in this video.

@@pcsecuritychannel Precisely. My bad, this is the only video I've seen on your channel so far and I didn't read the description.

@@anatolydyatlov963 No worries, I was just being funny, welcome to the channel. :)

this would inevitably get abused :D

If they filter out processes, then a malicious program could just operate under that same name.

My same issue

he has done that now

@@coreyfinn5532 Thanks.

The matrix is watching you.

@@sicstar shhh don't tell him

If you're having dreams about being hacked it means you're afraid of losing something on your pc or afraid of it getting out.

Precognition

@@sicstar Oww, that's so what I was going to say... I just knew someone already had to have done it :D

@@yashwanthkumar2891 Thanks. I was able to download the file using Edge. For some unknown reason, Brave blocked the file from being downloaded.

Turn the shield off for the website

Most mallware could be detected by AV. If if you are hacked - you may have to look at suspicious activity by yourself, because it may look quite normal - AV don't know is it ok for your programs to "call" some remote server in Iceland or not ;-)

It's a game of whack a mole. Some moles are not whacked yet, and there are always moles popping up.

No leave them and watch them ruin your system. Thanks in advance!

In general, you want them gone. Best to use something that instantly overwrites the HDD space the files were on, like Eraser (Free opensource), to make sure they are completely gone. But depending on how many you find and what type, may be best to do a full re-imaging of the system (reinstall windows). And yeah.. fuck that other guy. Edit: Also make sure you change any important login credentials you have, but don't do that on the system you're troubleshooting before making sure the malicious files are gone!

@@babayega1717 Thank you so much! Also, I didn't think too much about what the other person said. I know that when it comes to these kinds of people, the more you engage with them, the more aggressive and unreasonable they get.

Sometimes DumpIt fails to capture memory dumps in a way that Volatility can understand. You might try using a different program, like FTK Imager.

Having the same issue. The second I press Y it bluescreens.

Same here. Shouldn't matter, but - are you running it via administrator?

Same

Your RAM was maybe failing?

The memory dump file itself is harmless. It's not going to do anything to your system. Even if you have a malicious .exe file, it will not do anything until you run it. Just copying the memdump.mem file and putting it on another system will not do anything and is safe. This file has no way of infecting a system.

@@Netsuko I think he meant that in order to copy the dump from the infected machine onto another, you have to plug in an external storage medium or connect to it by network, both of which carry the risk of an active infection spreading to another storage/system.

I know it's a hassle, but the safest way would probably be to turn off the system and boot into a live environment (any Linux Live USB/CD or HBCD_PE if you are uncomfortable with Linux). In an external OS, the malware is harmless, as it won't run on startup and/or would be completely incompatible with the external OS.

@@kaloyannikolov6849 You can probably just as well use bootable Malwarebytes removal tool (although I'm not sure if it will actually be 100% effective)

Malwarebytes should do the trick...

Figure out what's causing it, use a usb key to boot into Linux and delete the files and/or dlls causing it. Though I'd say it's always best to start fresh if you had malware - there may always be some sneaky piece of code that you missed.

Nuke your drive

I do this too and list the executable path. Then I sort on signature and check if there is a signature present and if it is valid. Found a lot of malware this way in the past. But for years I did not find anything with it but I also did not have any (suspected) infected systems

Using certain tools in pretty sure you can avoid the virus virustotal hash list unfortunately..

You might be running an unsupported version of Windows for that tool, or you're running some software that conflicts with it.

Yep and now my computer wont boot anymore

@@MrAircraft999 Did you set it to run on startup ? I've never used that DumpIt tool he used, but it's unlikely that a tool to dump memory would cause your PC to not boot on startup unless it does suspicious stuff.

@@Some1_Some1_Some1_Some1 i didnt, now even when i try safemode i get critical process died bsod when i try to run it

I'm not certain about these specific IOCs from the video, but anti-viruses are not as effective as many people think. But the trade off, at least, is that the exploits and artifacts that use anti-virus evasion techniques also makes it easier to find during forensics instead. Still a good trade off for hackers though, as forcing manual instead of automatic detection is a massive win for them.

Dude, we're on Ring -2 malware now; I found out the hard way when my network was compromised in may 2021. It's only starting to be reported on recently... I suspect because cyber security is helpless in combating the really advanced attacks that have transitioned from being targeted to widespread botnets and credential harvesting.

same also

Then, you're out of luck. Although not impossible, It's unlikely that generic malware would be that sophisticated. It's more likely it would just prevent you from saving a dump file, in which case you could just boot into Linux, take the files you need to backup and start fresh. Tampering with ram dumps is a very fine line between breaking the computer and achieving what you want, as reading memory is something legitimate programs do sometimes, including Windows itself. Unless you target a specific tool, it's hard for a malware to catch and tamper with. For a malware developer, that would be a lot of work for not much reward. Another option that might work is booting that PC on Ubuntu/your favorite Linux distro and using the main drive as a Windows VM, in which case you should have access to memory and the malware not being able to do anything about it to hide.

@@Some1_Some1_Some1_Some1 if root kit is present then install your own root kit and remove the first one.

Your HDD may have bad sectors or windows might be indexing your files or defragmenting your HDD or running a system scan in the background etc... HDDs just don't cut it as a operating system drive, for additional storage, sure, but I don't recommend installing windows 10/11 on a HDD.

@@ryomario90 what is the solution for it. Should instal SSD

@@GopadilipReddy It really would help to do so, yeah.

@@RYANTHORNTONCALL thank you. Is there any other solution or this is the only

@@GopadilipReddy Yes, you can get a low capacity SSD ( 60-80GB ) for windows and programs only, and leave the HDD for storage, like games, movies, pictures, large files etc. Or if money isn't an issue you can buy a large capacity SSD and keep everything on it for maximum performance.

Damn... the Shift-Enter giving Admin mode is something I didn't know ... thanks!

Shift-Enter did not give me admin in Windows 11, maybe I am doing something wrong though.

@@xkorv Sorry, I have windows 10.

@@FernandoFischer6048 Hi, I just tried Shift+Enter, but it keeps giving me a regular command prompt... I am on Win10...

Best tip EVER Update: No, it does not work with admin privileges...

The heart you placed at the end of your comment? That is your desperate attempt to encourgae the channel owner to "heart" your comment, correct? Stop doing this. Learn real value.

@@michaelc3977 Don’t tell me what you think is correct. What is the use if I get heart from channel owner . I don’t give a fk . I felt it useful and I loved the content , that’s why I put that heart symbol. I can see that you are a sick person with sick mindset. Grow up brow.