@SaimonSSL um try windows is the virus ... who needs the bloatware ... 90% of the junk running on windows 10 is not needed but windows forces it anyway ...
@yupyipit neither did I. It sounds very fishy and I think he got the virus from something else, but he told me it was after he used the client with the mod
@@godric443 Was just fixing to say, always good to have alternatives in case one is compromised. Task Manager, ProcessHacker, Process Explorer, etc. Even better if you have them on DVD-R which can't be modified. That way you can still run the software and not worry about it being deleted or modified in a way that disables it. Although would be funny if they noticed and kept ejecting your CD Drive XD
A few things: If you notice a remote shell is running on your system, don't just kill it and be done with it. Always check for backdoors and the like, persistence is an important step in the attack process. You won't always see the shell pop up in the task manager, especially if it's a meterpreter shell. Meterpreter can migrate to other processes (and usually will because windows defender will often automatically kill remote shells if they don't), so you have to look for other things such as abnormal resource usage or unusual calls if you have Sysinternals tools. Just because you have your firewall up does not mean you are safe. A hacker might be able to bypass his way around it, and most will know that disabling it altogether is an easy way to get spotted. Always check for suspicious permissions when it comes to the firewall, and use a router based firewall whenever possible since a system based firewall can be easily disabled or bypassed.
Those are great points. Thanks for bringing it up. Persistence is the goal, you’re right. That’s a jackpot for malicious actors. Thanks for the router based firewall information too.
I don't know my elbow from my bum hole when it comes to this stuff so anything said sounded like alien lingo to myself and anyone with a basic knowledge of pc functions lol.
@S T Ξ Λ L T H Windows is quite the bloated and chatty OS built to mine the user for data. Constantly sending "anonymous" analytics data to Microsoft and etc. Average American citizen's data is usually worth around 5 - 6 ish USD I think, not fully sure though. Either way, they can collect that data from millions and they make quick bucks selling it to advertising companies. Ever wondered why when you do most things on the internet, you see ads related to that, or suggesting things you only just recently looked at or searched on google?
@@Skullkid16945 yes, Microsoft collects the user data. So does Apple, Google, Facebook, you name it. If you are that paranoid over Microsoft's data collection, what if I tell you that every android phone with google assistant enabled is listening to your conversations ALL THE TIME? Probably even when assistant is disabled, though I have no proof for that. This in fact is most likely why you're seeing ads related to stuff you've spoken about, it's because google is listening to you more than anyone else. Microsoft began as a software company/operating system maker, but Google began their operation as a serach engine developer and their primary profits come from ads. You're trying to portray Microsoft as an ultimate bad guy but it's far from truth
For the Task Manager tip to be of any use, the user must already be familiar with all the normal processes that should consistently or can occasionally appear there. I keep a Notepad with the complete list of everything in the Services list, the Startup list (from the msconfig dialog) as well as the task Manager list. Anytime I remove/disable or add/enable software, I update the list. Studying those lists and getting a general familiarity with them is crucial. Do I have everything memorized that I can recite every item for memory? Of course not. But upon looking at the list, I can recognize what should or should not be there. And if I am not sure, my Notepad list/record helps me make a distinction as to whether I'm merely not recognizing something that's always been there, or if it's something "new" that I did not authorize.
@@smokescreen2146 What do you mean "then what?" ?? I am pretty sure the answer is in what I said : memorize/familiarize yourself with the items, know at a glance what should and should not appear in that list. If you have something specific in mind, you're gonna have to use your words and explain it. I am not a mind-reader and I am not fluent in dumbed-down Textinese.
Seems I have to spell this out .... TO MAKE TASK MANAGER REFERENCE LIST : 1. Open Task Manager. 2. Select "Processes" tab. 3. Look over all items. If you do not know/recognize a process, or cannot deduce with certainty what it is : a. Do a local computer Search for that process to determine its location - sometimes just knowing where it is can verify its legitimacy. b. If finding it on the computer, the location still does not clear anything up for you as to what it is or if it is safe, GOOGLE IT.
@@BlackieNuff There are over 120 processes running on my machine right now with just Firefox opened, and they keep changing and re-ordering themselves, so good luck memorizing and spotting them. Like I said you made your list after you already got hacked, and not before so it is useless. Some Trojans can also pretend to be legitimate processes (e.g. scvhost) and can even hide themselves from appearing on Task Manager. Anyway why are you listening to someone who teaches hacking for advice on how to stop hackz?
I will add just one thing: Be careful with just willy nilly ending tasks. Some tools are able to do some techno-sorcery and tie themselves to a critical windows process, meaning that if you kill it you'll trigger a bluescreen of death. The malware would remain running once you reboot as it'll likely also be configured to set itself up on startup. I wont name any tools that I know possess this ability, but I will assure you they exist and it's best to rely on an antivirus to do the cleanup for you if you don't know what you are doing.
I’ve been looking for videos like this when I was young! I’m glad to have found these years later! I hope to probably get into networking and coding again it has always interested me and I went to college for it before they shut down on me twice But if I can learn now for a hobby that would be cool! Maybe someday I can make it a career again
I can see why there is dislikes. People who know nothing come here trying to learn how to find out if they got hacked and get bombarded with crap loads of very tech lingo and get lost in the first 2 minutes or less lol. You see? A person would already have to have learned some technical stuff to even begin to comprehend any of this info. :-s. You see now?
or you will find the machine they are spoofing or doing a remote access from ... and get the wrong person ... you need to strip the header packet to find the final destination to get the ultimate end user of the process ... most tools DONT do this ... so they stop at the first IP and call it a day ... but the packet can then be rerouted from the remote machine to the hacker or yet another remote machine and so on ... .
I am doing Loi'c course on Udemy and have got to say that he is a really good teacher. You guys are so lucky that he had this really important video up on UA-cam for free...I am too as I am fending off an attacker...Thanks Loi, your awesome! 😊
Dude, solid video! Thanks for sharing. I like that you show both sides of the hack! Good work man! At work, I usually reboot the workstation if I think a customer opened a phishing payload. Because I have some offensive experience, it makes me realize that unless they’ve established persistence, they’ll need to exploit again :). Obviously if you have physical access to network interface you can also disconnect that too. Anyway, great video!
There are 117 back doors into Windows 10 and only a handful are closable without crashing internet access. If you close too many doors, Windows 10 will detect it and shut off your internet access. One of the back doors that are well known is the INTELME back door. Most of them are telemetry ports, update ports, location tracing ports, meta data ports and webpage remote viewing ports.
Google and download: "SysInternals Process Explorer" (from Microsoft) it can check all the running processes against VirusTotal. Run it, ensure Options -> VirusTotal -> Check VirusTotal is checked. You can then explore those processes with many failed checks (few can be false positive). You can also check what company made it and ignore those you know.
This is cool but I think the netstat -b would help more. It's almost impossible to identify anything based on numbers so if you know the exe you can at least make educated guesses or google them
never using any system firewall and antivirus something software because they slow down PC and got virus only once few years ago, 15 minutes enough for recover system from image , only one firewall on my router is enough, never got any hacking problems
One interesting thing I once noticed: if you want to have remote RDP access, you can open ports on your PC and network. However, with a program like Glasswire I observed tons of external IPs from other countries attempting to access that remote port. Of course the PC on the remote end was password protected (no stupid 4 digit PINs either) so it's quite unlikely that the password would be cracked and access granted (assuming RDP forcibly disconnects after so many attempts). However, this did increase the total incoming traffic into the PC and network (adding to xfinity's data cap). So with this in mind, one way to ensure hackers can't gain access over remote shell or RDP is by using a local VPN and only allowing outgoing traffic over the VPN (except for public servers). A good router firewall like pf/opnsense will make it easy to create a secure and encrypted firewall which is far easier and more secure than opening ports on the router.
RDP is well known to not have a fail 2 ban system (it allows unlimited attempts to access) and, further, the Administrator users are always automatically added to the allowed list of users to connect by RDP (unless you explicitly remove them). Just never, ever open an RDP port to the internet. If you need remote access, connect to your network by VPN and then use RDP with local IPs tunneled over the VPN.
If you think you've been hacked, the only real thing to do is to nuke the system from orbit: reinstall everything back to factory default (or at least from clean installation media). Trying to detect or root out every single back door is a fool's errand.
It will be great to show the same for Linux too! I would like to ask You as a Wordpress websites creator if You can create some videos for Wordpress vulnerability...
For the netstat -ano, how should I know which one is suspicious process when there are many connections with your so called funny IPs ongoing? Thank you.
@@toggledfire4148 Wrong. Hackers could use port 443 also. If you have a NAS storage drive, you might see 445 connected to another IP address within your network. If you use Steam, you might see 27039. Any of the ones that say "LISTENING" could be malware waiting for a hacker to connect. A better way is to use whois to lookup all the foreign IP addresses you see in netstat and see if any of them are from China or Russia or something you don't recognize. They will usually be something you recognize like Microsoft or a website you've visited recently. If your router is set up correctly, nobody on the internet should be able to make unsolicited connections to your PC, unless your router has been hacked and ports are being forwarded. If you do see a legitimate hacker connection in netstat, you most likely already have malware on your PC and it is initiating outbound connections. This video is a bad example, since the hacking was done from within the local network. If you ever see that happening you have worse things to worry about, since not only is your PC hacked, but another device on your network is also. He also failed to mention that a root kit can hide itself from Task Manager so you wouldn't see it in there.
No normal user can do anything with this information. At least recommend some tools that send process hashes to virustotal or something. Seeing running processes or networking traffic doesn't tell you anything about it being malicious or not. You can replace system files, hide files from task manager, hide connections from netstat etc. And no normal user would even know 50% of the harmless system connections and system processes running.
True. The latter part. Even at this point I realise my OS had been hacked, but there's not much to do about it since they can always go deeper into the layers.
Yeah. my task manager ended task on it's own, screen went blank and only the task manager is on screen but minimized, then the screen went back on then files are refreshed like nothing happened. My computer been acting strangely, slower than usual and random shutdowns. Can't put a finger on it, whether it's hardware or software. I ran full system scans on both malwarebyte and windows defender, yet no viruses were detected. Files sometimes show then disappear within a second when i login on my windows, so i'm quite suspicious
I have an ex landlord who has psychopath traits and not did he steal my cell phone while moving in, but while not at home he had access to my router and computer. I've always strongly suspected he's hacked my computer and was listening to my conversations, then prior to moving out and while changing the home address to my new location, I found under one of my accounts that my current delivery instructions had been removed and replaced with a new message to be delivered to his home instead. I'd also discovered a cell phone and another devise was connected through my routers wifi known network connections.
If you have Windows 10 your computer comes pre-hacked. Signs of hacking: The software is very difficult to remove. The software takes control of your computer so you cannot use it. The software steals all your info. The software makes your computer slow and hard to use. The software fills your computer with junk that you don't want or need.
Good vid. How do you fix all the problems? Firewall and security. How do you locate (street name and door number would be best) and stop the attacker from accessing your computer?
One obsessive stalker/ hacker has been inside my computer for many years. When I typed “netstat”, the data came out fine. After that, I typed “netstat/?”, the information came out fine. When I typed “netstat-ano”, nothing came out. This hacker did some program on the script. He tried to block me to delete his hacking IP address in task manager. Please help. Besides that, he has been using manipulating Bank of America(BAC) for several years, without his manipulation, BAC stock price would be over $70/share before Covid-19 market dropping last year. After I bought Wells Fargo(WFC), Li auto limited(Li), NIO Limited (NIO), Pfizer Inc. (PFE) several months ago, he has been manipulating their price and frequently dragged their price down and controlling their price. Trying to ban my voice, he disabled all reviews functions on my several laptop computers Google, Yahoo and other major sites.
I skip most of the steps by searching for the source file and then deleting from the registry with admin rights anything related to it. Reboot and you'll be ok. No need to go through all the networking stuff. Unless you got into the deepweb unprotected and had to format c:/>. Good video though 👌
thats actually very good advices u gave here, but 1 thing, netstat will be completly useless, because on a normal machine u wont have like 5 active connections like urs cause urs is fresh instal, instead u would have maybe a 100, so the person needs to be very advanced and to know which application with which IP is comunicating, and that is a lot of additional work to do and track.
Thank you for these information. However, you haven’t explained in detail how we can stop our systems being hacked. You mention an app, but I would like to know if the app can block hackers. Thank you.
Have an antivirus, dont bypass warnings antivirus gives you, have common sense, dont download anything sketchy and even if you do you'll probably be fine if your antivirus isnt itself a virus but dont do it anyways. Beware of phishing. The only time your system is going to be "hacked" is if you have a virus, the computer isnt like facebook that can just be hacked as it only exists in your machine.
Just use common sense and don’t download random things. I recommend Malwarebytes to scan from time to time and a windows defender offline full scan which is already on your computer. Remember to read links carefully because grabifies can look like real links and double check sites you type in before going to them.
High CPU or disk usage, and an unusual program or duplicates of usual programs. Sometimes malware just sits in your file folders without showing up in task manager, though.
Ive got a weird problem thats been around for a few months, since I think may 17th 2022, where windows security immediately closes, along with some other security things, and some software from my computer(armorycrate which is for ASUS computers) and the taskbar does not work but apps can still be clicked on, and search bars never finish searching anything(in file explorer as its all I can open, and settings) Ive tried a dozen things and theyve never worked, Ive checked files in task manager and I cant find anything, my dad always jumps straight to scorched earth with "just restart the computer, you can save docs but otherwise you're letting hackers steal your credit card info and other things" but nothing has happened, I feel it in my gut that its some absurd bug or error cause by hardware issues(my battery had a bulge but I havent been able to check so I feel like it could have ruptured or messed with the boards I really dont know) or just some setting that I dug 12 layers deep and toggled but wont ever remember where I went to get to it. Its frustrating and I dont want to just torch my laptop.
When I opened my laptop today just for a second there was a little smartphone(iPhone) on my screen right about where the Windows logo is in this video. I couldn't make up any more details because it disappeared in just 2 seconds. Anyone any thoughts if this might have been any spyware or on what it might have been?
Useless. How did the hacker FIRST get into the system? Are you saying a hacker can take ANY win10 system and in seconds without any passwords or other access (or you doing some stupid click on link) get right into Windows to do all this stuff you showed? Wouldn't Microsoft take care of that idiocy in the next security fix? Where is the entry point?
Good video. New subscriber here, I've already gone threw a few of your video's and find them interesting. I'm new to learning IT, and trying to learn on my own but I find your video's really helpful.
Me without a computer: interesting... Edit: holy shit why is such a simple comment causing a war in the reply’s, I guess this is the internet after all When I say I don’t have a computer I don’t mean a phone since some people think phones are computers. I don’t have a actual computer a PC or a laptop is what I mean. I’m actually surprised and disappointed I had to explain this
Is there a way to contact you? I have a potential hacked computer. Turned it on and all I had was a computer icon dead center on the screen. Touch a button and black screens for awhile then back on.
End task is not always the best. Should right click select goto process then Right click select end process tree. This is how you kill process from the root. It is also important to find out what started the process and if it is a file that can and should be removed.
hi, I need help with something. I am not sure if you will respond but it's worth a try. My email is getting compromised, my social media accounts are also getting hacked. It's not just the password change, no no, they are changing the email too to make sure that I can't get back into my account. I don't know what to do.
Hi help, I saw yesterday something really weird popping on computer , it looked very similar to what you opened when you said where the hacker has all you info I need help
the title of this video is really misleading. I was expecting no expertise at all, based on that. Then, quick screen to middle video shows a guy who knows what he's doing. Please put at least a hint of expertise in the otherwise clickbait title/thumbnail, so we know to expect some real in-depth information beyond the noise of UA-cam!
Task manager, netstat, wireshark, firewall and antivirus.
Thank you master ♡♡
So ok then how as im still relativly new to Linux how do i detect if any one is hacking my Linux Os? i use as the norm Parrot sec or Kali Linux?
do i run top or htop from aa terminal then dissconect any unwated traffic
How can i open closed videos? Thanks!
@@notamongyou huh?
The hacker who are visually remote access my computer watching me watching this video :
*Nerveously sweating*
Lmaoo
do you mean to saay FBI?
I'm
@@majeedmx7016 fbi cant "visually remote access" your screen....
I can feel FBI is coming
"open task Manager and look for potentially malicious program running..."
- Cortana spotted!!
so true
@SaimonSSL um try windows is the virus ... who needs the bloatware ... 90% of the junk running on windows 10 is not needed but windows forces it anyway ...
halo ai cia
@SaimonSSL You cant even spell Cortana right after it was spelt in front of you. Incompetence.
@@stuffandthangs3953 Clown comment. He is clearly trying to joke around.
how to become paranoid in 10 minutes
true lol
Fr
@@laflame3460 Nah, you're fucked. Everything's already infected with malware by the time you read this.
Jk, I don't know what I'm talking about.
@Cityscapes It downloaded folder normal folder I didnt even open it
@@laflame3460 you can never be sure but it is not unlikely that you have a virus. I would say 70% you got infected.
The hacker watching me watching this video : *Interesting*
@Amano Kun Interesting
Why i think your comment will get 1k likes
@@LuizZignani same
Oh hello there i have been watching u
Very interesting
Had to watch this on my phone because my computer would close the tab for no reason.
hmmm
Well...
Hmmm 🧐
thats one of the signs that you got hacked
@@mrstarfish thats one of the signs that you missed the joke
when you try to un-hack your pc but you end up hacking the hacker
thats just exagerated swaggers
@@leg4985 the exxaggerated swagger of a blck teen
@Zrobilive lol
@Zrobilive most of the time the attacker's IP you see, it's not his real one.
Actual fucking gigachad
"huh, let's see the task manager..." *finds powershell running*
*SWEATING PROFUSELY*
Same. Is that a normale one or is every powershell a virus/tracker???
@@Mr.Wayne.1 if you don't have a powershell window open, i guess it's a virus
@@Mr.Wayne.1 if you didn't download it or don't have it opened then it is very likely a virus
well i have windows defender notification icon running,
frick
@@Iqbal1808 uh oh, seems like you're screwed
Signs you've been hacked:
1) You're using windows
2) It's connected to the internet
3) You've installed something on it
stfu apple user
@@YousefSadiq then "stfu non-windows user"
@@YousefSadiq then "stfu Duco Darling" is appropriate
Signs you've been hacked:
1) Own a computer
2) It's connected to the internet
@@u1richh ever heard about the Mirai botnet? Literally anything that can connect to internet can get hacked
Wasn't even thinking about the possibility I got hacked until I saw this recommended, now I'm paranoid for no reason.
LOL
Lol
Me: *gets this video reccomended after downloading 40+ Minecraft mods*
also me: "Im in danger"
*chuckles* "I'm in danger"
@yupyipit fabric is usually safe, but forge has many breaches
@yupyipit neither did I. It sounds very fishy and I think he got the virus from something else, but he told me it was after he used the client with the mod
@yupyipit yeah
40? Das a rookie number. I've been rocking 2 shady launchers with hundreds of manually installed mods on them back in 2015 XD Never got a virus afaik.
**tries to open task manager**
Task manager has been disabled by your administrator.
*this is fine*
aah we need some defense for this now :D
man get to like the support and call the support system for help
sudo.. oh wait shit
@@godric443 Was just fixing to say, always good to have alternatives in case one is compromised. Task Manager, ProcessHacker, Process Explorer, etc. Even better if you have them on DVD-R which can't be modified. That way you can still run the software and not worry about it being deleted or modified in a way that disables it. Although would be funny if they noticed and kept ejecting your CD Drive XD
You can activate it again in the group policy editor
A big sign is when a Indian guy is asking you to buy gift cards to fix the issue
Or any support for that matter.
"hello your computer has virus"
~not an India guy but has deep indian accent
@@rabidbeaver167 lol okay then
Cut off the internet wire
Jim Browning is an expert on that..............he knows them all...;-D
A few things:
If you notice a remote shell is running on your system, don't just kill it and be done with it. Always check for backdoors and the like, persistence is an important step in the attack process.
You won't always see the shell pop up in the task manager, especially if it's a meterpreter shell. Meterpreter can migrate to other processes (and usually will because windows defender will often automatically kill remote shells if they don't), so you have to look for other things such as abnormal resource usage or unusual calls if you have Sysinternals tools.
Just because you have your firewall up does not mean you are safe. A hacker might be able to bypass his way around it, and most will know that disabling it altogether is an easy way to get spotted. Always check for suspicious permissions when it comes to the firewall, and use a router based firewall whenever possible since a system based firewall can be easily disabled or bypassed.
What you just said, gone above my head bro, a video would have been useful for it i think.
Taskkill /F /T /PID NNN
Lol
Those are great points. Thanks for bringing it up. Persistence is the goal, you’re right. That’s a jackpot for malicious actors. Thanks for the router based firewall information too.
I don't know my elbow from my bum hole when it comes to this stuff so anything said sounded like alien lingo to myself and anyone with a basic knowledge of pc functions lol.
My first suspicion would be that "hacker" file in the desktop.
Me: opening never gonna give you up on youtube
My FBI agent and the guy hacking my pc: fuck
Sign no. 1: at startup, it greets you with a "welcome to windows" screen.
@S T Ξ Λ L T H Windows is quite the bloated and chatty OS built to mine the user for data. Constantly sending "anonymous" analytics data to Microsoft and etc. Average American citizen's data is usually worth around 5 - 6 ish USD I think, not fully sure though. Either way, they can collect that data from millions and they make quick bucks selling it to advertising companies. Ever wondered why when you do most things on the internet, you see ads related to that, or suggesting things you only just recently looked at or searched on google?
@@Skullkid16945 yes, Microsoft collects the user data. So does Apple, Google, Facebook, you name it. If you are that paranoid over Microsoft's data collection, what if I tell you that every android phone with google assistant enabled is listening to your conversations ALL THE TIME? Probably even when assistant is disabled, though I have no proof for that. This in fact is most likely why you're seeing ads related to stuff you've spoken about, it's because google is listening to you more than anyone else. Microsoft began as a software company/operating system maker, but Google began their operation as a serach engine developer and their primary profits come from ads.
You're trying to portray Microsoft as an ultimate bad guy but it's far from truth
@@Skullkid16945 but if you get ads on google related to what you just looked up on fucking google wouldnt it be google who sells the data?
@@Skullkid16945 Good god your name broke youtube. It crosses the right panel of youtube going all the way to the right edge of the screen.
@@Skullkid16945 Is there's youtube link on ur name?
You can always do netstat -b in an elevated cmd and it will show the executable file with that connection.
Thank you so much
could do yea
@@amateruss command prompt with admin rights.
"The requested operation requires elevation."
I'm a regular windows user, and I'm using task manager since windows 7 era to monitor my whole system.
Thanks for the additional tips.
Nope
@@gowororigejunua439 wth dude you're everywhere
The best Anti Virus is most of the times common sense.
cute pfp
Nope
Antivirus is a virus itself
For the Task Manager tip to be of any use, the user must already be familiar with all the normal processes that should consistently or can occasionally appear there.
I keep a Notepad with the complete list of everything in the Services list, the Startup list (from the msconfig dialog) as well as the task Manager list.
Anytime I remove/disable or add/enable software, I update the list. Studying those lists and getting a general familiarity with them is crucial. Do I have everything memorized that I can recite every item for memory? Of course not. But upon looking at the list, I can recognize what should or should not be there. And if I am not sure, my Notepad list/record helps me make a distinction as to whether I'm merely not recognizing something that's always been there, or if it's something "new" that I did not authorize.
You made the list after you got hacked, then what?
@@smokescreen2146
What do you mean "then what?" ??
I am pretty sure the answer is in what I said : memorize/familiarize yourself with the items, know at a glance what should and should not appear in that list.
If you have something specific in mind, you're gonna have to use your words and explain it. I am not a mind-reader and I am not fluent in dumbed-down Textinese.
@@smokescreen2146
It just occurred to me what you meant : The answer still should be obvious...
Google it.
Seems I have to spell this out ....
TO MAKE TASK MANAGER REFERENCE LIST :
1. Open Task Manager.
2. Select "Processes" tab.
3. Look over all items. If you do not know/recognize a process, or cannot deduce with certainty what it is :
a. Do a local computer Search for that process to determine its location - sometimes just knowing where it is can verify its legitimacy.
b. If finding it on the computer, the location still does not clear anything up for you as to what it is or if it is safe, GOOGLE IT.
@@BlackieNuff There are over 120 processes running on my machine right now with just Firefox opened, and they keep changing and re-ordering themselves, so good luck memorizing and spotting them.
Like I said you made your list after you already got hacked, and not before so it is useless.
Some Trojans can also pretend to be legitimate processes (e.g. scvhost) and can even hide themselves from appearing on Task Manager.
Anyway why are you listening to someone who teaches hacking for advice on how to stop hackz?
"First thing you wanna do is right click the taskbar and select task manager"
me on linux: _sad tux noises_
@Jay Rozes I get better performance on Linux, plus I like the distro I use, it's very stable and fast
top
@@System64MC based?
@@sirrobertwalpole1754 I'm on Zorin, based on Ubuntu
@@sirrobertwalpole1754 I'll take a look at it, thank you
I will add just one thing: Be careful with just willy nilly ending tasks. Some tools are able to do some techno-sorcery and tie themselves to a critical windows process, meaning that if you kill it you'll trigger a bluescreen of death. The malware would remain running once you reboot as it'll likely also be configured to set itself up on startup.
I wont name any tools that I know possess this ability, but I will assure you they exist and it's best to rely on an antivirus to do the cleanup for you if you don't know what you are doing.
I just got a malicious clone of syscruntime140.dll, and it lived through a complete cloud reinstall of windows 11.
@@ThePower1037 keyword is cloud
Easier way to stop them from stealing your info:
Unplug your Ethernet cable
Best solution here
They hacked into your router?
Unplug it.
They hacked into your grandmas life support?
Unplug it.
im on wireless
@@SAMURAIoriginal unplug your router
Hackers will be very dissapointing after looking at my balance
they look at my balance and send me money ...
I’ve been looking for videos like this when I was young! I’m glad to have found these years later! I hope to probably get into networking and coding again it has always interested me and I went to college for it before they shut down on me twice
But if I can learn now for a hobby that would be cool! Maybe someday I can make it a career again
Hey can u hack someone for me
ello, yu computeh has viros
I'm *"Stephen Jordan"* from Microsoft
ello sir, your computeh has viros
**discord crashes**
"zir, you have a wirus on your dextop."
Ma'em i em Jonh smith from moocresooft. Please doonleed GoTwo Assist pleas.
919 highly skilled hacker disliked the video. Honestly I don't know how somebody can dislike something this informative
I can see why there is dislikes. People who know nothing come here trying to learn how to find out if they got hacked and get bombarded with crap loads of very tech lingo and get lost in the first 2 minutes or less lol. You see? A person would already have to have learned some technical stuff to even begin to comprehend any of this info. :-s. You see now?
This is a good start, but you should also research how they gained access in the first place
me who has just reinstalled windows 2 days ago:
*interesting*
Pro tip: if you know the hacker's IP, this will help you find the hacker.
this is exactly what I was gonna comment lol, but how would you actually know? like if you don't have their IP
or you will find the machine they are spoofing or doing a remote access from ... and get the wrong person ... you need to strip the header packet to find the final destination to get the ultimate end user of the process ... most tools DONT do this ... so they stop at the first IP and call it a day ... but the packet can then be rerouted from the remote machine to the hacker or yet another remote machine and so on ...
.
Imagine disabling a hacker's connection after watching this video xD
I wonder if they could restart it again.
Who else checked to see if PowerShell was running on your computer right now.
Yeah, mostly because I found GTA V was slower than usual.
I am doing Loi'c course on Udemy and have got to say that he is a really good teacher. You guys are so lucky that he had this really important video up on UA-cam for free...I am too as I am fending off an attacker...Thanks Loi, your awesome! 😊
Dude, solid video! Thanks for sharing. I like that you show both sides of the hack! Good work man! At work, I usually reboot the workstation if I think a customer opened a phishing payload. Because I have some offensive experience, it makes me realize that unless they’ve established persistence, they’ll need to exploit again :). Obviously if you have physical access to network interface you can also disconnect that too. Anyway, great video!
well i certainly feel better about my system now, nothing looked out of the ordinary
Me too, although I don't have an antivirus program cause its often screwing up my games
Everything looking "in order" doesn't mean much. Read up on rootkits. Malware designed to remain hidden.
not even the homework folder?
I'm confused about the netstat -ano part. How do I tell what's normal and what isn't?
look at the incoming port
2:22 him: executables
captions: execute the bolts
me: execute the BALLS
There are 117 back doors into Windows 10 and only a handful are closable without crashing internet access.
If you close too many doors, Windows 10 will detect it and shut off your internet access. One of the back doors that are well known is the INTELME back door. Most of them are telemetry ports, update ports, location tracing ports, meta data ports and webpage remote viewing ports.
Yes but you missed the most important tactic, just f pull the dam network plug. 😑
Correct, I waste time TB the windows the hacker already encrypt all my data.
And make sure that the locks on your door take 8 hours to pick.
@@angelinasouren That back door is unlocked !
Google and download: "SysInternals Process Explorer" (from Microsoft) it can check all the running processes against VirusTotal. Run it, ensure Options -> VirusTotal -> Check VirusTotal is checked. You can then explore those processes with many failed checks (few can be false positive). You can also check what company made it and ignore those you know.
Nice tip bro thanks
Let be honest, everybody is checking now task manager
I did, power shell's running but its an important program that needs to run.
The hacker watching how I try to kill the process named "WidnowsCrytycalProkess": *nervously sweating*
the fact window 10 is easier to hacked into than previous window...
Nice England
@@TechnMetal Nice Epanishe
WoW english you good teach can ?
Don't take this seriously it's just a joke 😂
Well, no shit sherlock, u can just disable taskmanager and apps and u have full control
well it has ten windows
This is cool but I think the netstat -b would help more. It's almost impossible to identify anything based on numbers so if you know the exe you can at least make educated guesses or google them
I left my wireless keyboard in my sister's room and she started smashing it and it was connected to my pc so i fricking thought i was hacked 😂😂
never using any system firewall and antivirus something software because they slow down PC and got virus only once few years ago, 15 minutes enough for recover system from image , only one firewall on my router is enough, never got any hacking problems
One interesting thing I once noticed: if you want to have remote RDP access, you can open ports on your PC and network. However, with a program like Glasswire I observed tons of external IPs from other countries attempting to access that remote port. Of course the PC on the remote end was password protected (no stupid 4 digit PINs either) so it's quite unlikely that the password would be cracked and access granted (assuming RDP forcibly disconnects after so many attempts). However, this did increase the total incoming traffic into the PC and network (adding to xfinity's data cap). So with this in mind, one way to ensure hackers can't gain access over remote shell or RDP is by using a local VPN and only allowing outgoing traffic over the VPN (except for public servers). A good router firewall like pf/opnsense will make it easy to create a secure and encrypted firewall which is far easier and more secure than opening ports on the router.
RDP is well known to not have a fail 2 ban system (it allows unlimited attempts to access) and, further, the Administrator users are always automatically added to the allowed list of users to connect by RDP (unless you explicitly remove them).
Just never, ever open an RDP port to the internet. If you need remote access, connect to your network by VPN and then use RDP with local IPs tunneled over the VPN.
one of the signs was that i got this in my recommended
If you think you've been hacked, the only real thing to do is to nuke the system from orbit: reinstall everything back to factory default (or at least from clean installation media). Trying to detect or root out every single back door is a fool's errand.
This is the first actually good video about detecting when you get hacked.
It will be great to show the same for Linux too!
I would like to ask You as a Wordpress websites creator if You can create some videos for Wordpress vulnerability...
For the netstat -ano, how should I know which one is suspicious process when there are many connections with your so called funny IPs ongoing? Thank you.
To know is simply finding a non 443 and 80 in foreign address
Look closely at 4:34
@@toggledfire4148 Wrong. Hackers could use port 443 also. If you have a NAS storage drive, you might see 445 connected to another IP address within your network. If you use Steam, you might see 27039.
Any of the ones that say "LISTENING" could be malware waiting for a hacker to connect.
A better way is to use whois to lookup all the foreign IP addresses you see in netstat and see if any of them are from China or Russia or something you don't recognize. They will usually be something you recognize like Microsoft or a website you've visited recently.
If your router is set up correctly, nobody on the internet should be able to make unsolicited connections to your PC, unless your router has been hacked and ports are being forwarded. If you do see a legitimate hacker connection in netstat, you most likely already have malware on your PC and it is initiating outbound connections.
This video is a bad example, since the hacking was done from within the local network. If you ever see that happening you have worse things to worry about, since not only is your PC hacked, but another device on your network is also.
He also failed to mention that a root kit can hide itself from Task Manager so you wouldn't see it in there.
This is a lot to take in but it seems very in depth so thank you!
No normal user can do anything with this information. At least recommend some tools that send process hashes to virustotal or something.
Seeing running processes or networking traffic doesn't tell you anything about it being malicious or not.
You can replace system files, hide files from task manager, hide connections from netstat etc.
And no normal user would even know 50% of the harmless system connections and system processes running.
True. The latter part. Even at this point I realise my OS had been hacked, but there's not much to do about it since they can always go deeper into the layers.
no one :
baljeet : *Hello Your Computer Has Virus*
Yeah. my task manager ended task on it's own, screen went blank and only the task manager is on screen but minimized, then the screen went back on then files are refreshed like nothing happened. My computer been acting strangely, slower than usual and random shutdowns. Can't put a finger on it, whether it's hardware or software. I ran full system scans on both malwarebyte and windows defender, yet no viruses were detected. Files sometimes show then disappear within a second when i login on my windows, so i'm quite suspicious
why did this appear in my recommended lol
I have an ex landlord who has psychopath traits and not did he steal my cell phone while moving in, but while not at home he had access to my router and computer. I've always strongly suspected he's hacked my computer and was listening to my conversations, then prior to moving out and while changing the home address to my new location, I found under one of my accounts that my current delivery instructions had been removed and replaced with a new message to be delivered to his home instead. I'd also discovered a cell phone and another devise was connected through my routers wifi known network connections.
If you have Windows 10 your computer comes pre-hacked.
Signs of hacking:
The software is very difficult to remove.
The software takes control of your computer so you cannot use it.
The software steals all your info.
The software makes your computer slow and hard to use.
The software fills your computer with junk that you don't want or need.
literally everything microsoft installs by default
Good vid. How do you fix all the problems? Firewall and security. How do you locate (street name and door number would be best) and stop the attacker from accessing your computer?
This video came up so early, im still sleepy but i need to watch
One obsessive stalker/ hacker has been inside my computer for many years. When I typed “netstat”, the data came out fine. After that, I typed “netstat/?”, the information came out fine. When I typed “netstat-ano”, nothing came out. This hacker did some program on the script. He tried to block me to delete his hacking IP address in task manager. Please help.
Besides that, he has been using manipulating Bank of America(BAC) for several years, without his manipulation, BAC stock price would be over $70/share before Covid-19 market dropping last year. After I bought Wells Fargo(WFC), Li auto limited(Li), NIO Limited (NIO), Pfizer Inc. (PFE) several months ago, he has been manipulating their price and frequently dragged their price down and controlling their price.
Trying to ban my voice, he disabled all reviews functions on my several laptop computers Google, Yahoo and other major sites.
@@springw3546 netstat-ano don't exist.. do netstat -ano
@@springw3546 r u a boomer?
So, what is normal then? Like what process should be there and shouldn't and how do I know?
It's not normal if you have PowerShell running but you don't see it's window :-)
I skip most of the steps by searching for the source file and then deleting from the registry with admin rights anything related to it. Reboot and you'll be ok. No need to go through all the networking stuff. Unless you got into the deepweb unprotected and had to format c:/>. Good video though 👌
thats actually very good advices u gave here, but 1 thing, netstat will be completly useless, because on a normal machine u wont have like 5 active connections like urs cause urs is fresh instal, instead u would have maybe a 100, so the person needs to be very advanced and to know which application with which IP is comunicating, and that is a lot of additional work to do and track.
Thank you for these information. However, you haven’t explained in detail how we can stop our systems being hacked. You mention an app, but I would like to know if the app can block hackers. Thank you.
Have an antivirus, dont bypass warnings antivirus gives you, have common sense, dont download anything sketchy and even if you do you'll probably be fine if your antivirus isnt itself a virus but dont do it anyways. Beware of phishing. The only time your system is going to be "hacked" is if you have a virus, the computer isnt like facebook that can just be hacked as it only exists in your machine.
@@phobics9498 thanks very much.
Just use common sense and don’t download random things. I recommend Malwarebytes to scan from time to time and a windows defender offline full scan which is already on your computer. Remember to read links carefully because grabifies can look like real links and double check sites you type in before going to them.
@@___-ih4ty Could you explain how to double check a site? Thanks.
@@miguelservetus9534 Sorry I’m a week late didn’t notice the comment. You can paste links and downloads on VirusTotal and it’ll scan it.
Should we delete the preinstalled antivirus app??in my case its McAfee
FBI spying us all:
So funny son 😂
For all you worried powershell starts on startup so close it if it opens again well uh I guess try to find the file that’s making it open
Thankyou very much for making this.. But you didnt show how to remove it completly😑😥
Well.. Good Hackers do not let you know that you are hacked and even tho you understand it in some how, they leave no traces.. so
Right click go to the source and remove completely dont end task it will just restart
So this is only when the hacker is manually accessing to your computer, right? But how to know if your PC has a malware instead?
High CPU or disk usage, and an unusual program or duplicates of usual programs. Sometimes malware just sits in your file folders without showing up in task manager, though.
4:45 how do i tell that's a hacker listening and not a normal connection?
Ive got a weird problem thats been around for a few months, since I think may 17th 2022, where windows security immediately closes, along with some other security things, and some software from my computer(armorycrate which is for ASUS computers) and the taskbar does not work but apps can still be clicked on, and search bars never finish searching anything(in file explorer as its all I can open, and settings) Ive tried a dozen things and theyve never worked, Ive checked files in task manager and I cant find anything, my dad always jumps straight to scorched earth with "just restart the computer, you can save docs but otherwise you're letting hackers steal your credit card info and other things" but nothing has happened, I feel it in my gut that its some absurd bug or error cause by hardware issues(my battery had a bulge but I havent been able to check so I feel like it could have ruptured or messed with the boards I really dont know) or just some setting that I dug 12 layers deep and toggled but wont ever remember where I went to get to it. Its frustrating and I dont want to just torch my laptop.
just install Bitdefender or Kaspersky and that is
When I opened my laptop today just for a second there was a little smartphone(iPhone) on my screen right about where the Windows logo is in this video. I couldn't make up any more details because it disappeared in just 2 seconds. Anyone any thoughts if this might have been any spyware or on what it might have been?
Seriously, i didn't understand a bit , still watched the full video
Do you watch Mr. Robot? 😃
@@Spartan11117777 Pathetic socialist show.
Useless. How did the hacker FIRST get into the system? Are you saying a hacker can take ANY win10 system and in seconds without any passwords or other access (or you doing some stupid click on link) get right into Windows to do all this stuff you showed? Wouldn't Microsoft take care of that idiocy in the next security fix? Where is the entry point?
Yang
Make a video about linux and unix risk factors
Now i need to do a 5yr IT Course just trying to determine if my PC is hacked
Hello, your computer have virus!
Click ok to remove virus (requires admin privilege)
Good video. New subscriber here, I've already gone threw a few of your video's and find them interesting. I'm new to learning IT, and trying to learn on my own but I find your video's really helpful.
Me without a computer: interesting...
Edit: holy shit why is such a simple comment causing a war in the reply’s, I guess this is the internet after all
When I say I don’t have a computer I don’t mean a phone since some people think phones are computers. I don’t have a actual computer a PC or a laptop is what I mean. I’m actually surprised and disappointed I had to explain this
Same lol
How the fuck do you not have a computer in 2021 lmao
@@kevinflaherty1 not everyone has a computer or needs one really, I just use my phone and ps4 and they do the job. But I might get a laptop soon
@@kevinflaherty1 because someone may be poor? Duh
Same 😂
Is there a way to contact you? I have a potential hacked computer. Turned it on and all I had was a computer icon dead center on the screen. Touch a button and black screens for awhile then back on.
Great video, very informative and straight forward. Keep it up
My windows 10 background suddenly changed itself. There is a photo that came out of nowhere changing my windows 10 background. Can you fix it?
1 sign that your computer 's been hacked - this video is in your top youtube recommendations
"5 Signs Your Computer Has Been Hacked"
First sign: This got recommended to you
i looked this up coz yesterday my webcam turn on even though i didnt open camara
same and then i heard some random dude through my audio
@@yxsz8936 bro that's honestly scary ngl. I would suggest disabling camera and input volume and check if there's a keylogger
@@speedwagon3447 Ik I was so scared because I just finished watching the conjuring before that then I randomly heard "ugh hee
@@yxsz8936 Bro ... try getting that checked out at a computer shop. I'd rather be safe then sorry
@@speedwagon3447 yep I did they said my wif is being lagging bc somebody has been downloading weird files on my pc
End task is not always the best. Should right click select goto process then Right click select end process tree. This is how you kill process from the root. It is also important to find out what started the process and if it is a file that can and should be removed.
This video is really helpful for me. Thank you, Sir. :)
Now you got me thinking my phone is hacked and always listening to me. My people other than Google
Good to know... thanks dude..... I am enlightened
hi, I need help with something. I am not sure if you will respond but it's worth a try. My email is getting compromised, my social media accounts are also getting hacked. It's not just the password change, no no, they are changing the email too to make sure that I can't get back into my account. I don't know what to do.
希望能有中文字幕,hope to have chinese subtitles,thank you!
Hi help, I saw yesterday something really weird popping on computer , it looked very similar to what you opened when you said where the hacker has all you info I need help
the title of this video is really misleading. I was expecting no expertise at all, based on that. Then, quick screen to middle video shows a guy who knows what he's doing. Please put at least a hint of expertise in the otherwise clickbait title/thumbnail, so we know to expect some real in-depth information beyond the noise of UA-cam!
You know your computer is hacked when it starts asking for gift cards.
no one:
this guy: HeLLo yOuR cOmPuTeR hAs ViRuS
Some elaboration would've been nice on the command prompt segment... how are we supposed to identify "fishy" established connections?
Assume after watching this video you get to know that your windows is hacked !🤣🤣🤣🤣