Hi, just read this and find it ridiculous https://www.trendmicro.com/en_us/res...antivirus.html

Ah, the quote didn't work, but now:

During the last week of July 2022, a ransomware infection was triggered in a user environment that had endpoint protection properly configured. Analyzing the sequence, we found that a code-signed driver called “mhyprot2.sys”, which provides the anti-cheat functions for Genshin Impact as a device driver, was being abused to bypass privileges. As a result, commands from kernel mode killed the endpoint protection processes.

As of this writing, the code signing for mhyprot2.sys is still valid. Genshin Impact does not need to be installed on a victim’s device for this to work; the use of this driver is independent of the game.
August 24, and it is said the issue was known for 2 years!