The video is not complete. I always recommend checking the following: - Task Manager - Netstat - shell:startup - shell:commonstartup (missing) - registry HKCU run - registry HKLM run (missing) - task scheduler (missing) - registry wininit (missing)
he also missed dll locations for checking if dlls where hijacked and registry ms-settings\shell\open\command for uac bypass with fodhelper and installed drivers
@@Wisxpee just use antivirus and check files better, linux is hard in a lot of moments for the average user (playing games, using windows software, finding drivers and many more)
This was a great video. One note is to explain what the options do within the command so that can be demystified to a typical user. Will be using this vid as reference fr
Yoooo. I'm from the Philippines! Just as you uploaded your video, I saw it right away. I’ve been watching your videos for a long time. Keep it up, dude.
Hey ebola man! I really love your content all the way to the fact I have started a new channel! I really love your content and it has inspired me so much!! Thank you for being such a good inspiration!
Thank you so much, Sometimes in my pc cmd appears and disappears my mouse freezes and i see your video i saw startup programs method i checked taskmanager and i see double salih (user name) i used shell:startup and i see an app named fluxus 1.2v (an roblox exploit) i was opened it this like 5-6 day before now i know who is this i deleted and another salih (user) in task manager disappeared and after i delete it Windows defender is detected too. (in trashcan) Maybe you saved my life the hacker can steal my infos etc (sorry for bad english)
Bro i know im late to this video but you just saved my life. My computer was ratted from trying to get hacks and he keot closing this video when i was watching it😭 im on my phone rn and its gone your the goat
When they say “I don’t post videos like this” You know it’s gonna. Be a banger🗣️🗣️ But on a serious note. If you think your hacked Run antivirus scan, clear cookies (IMPORTANT as it clears session tokens and account info tokens ), change passwords, have 2fa enabled with Authenticator. And then clear cache. Backup data and reinstall OS and delete all partitions not format (talking about windows) and boom your not hacked anymore
Steamrip *should* be a lot safer and faster as far as I know, or from what I've heard anyway. Only things you have to worry about are "FP" & "Adds" | Although "Adds" shouldn't really be much of a problem if you have an "addblocker". However you can typically run everything through "VT" if you want to be safe/be sure
W video thanks for this! good thing nothing sketchy was found on my pc i can stop overthinking for some time now (maybe I should just stop pirating games)
this was actually helpful , i had k-lite codec pack and apparantly it was connected too something odd in there good catch. i dont see it anymore so and the others are just common microsoft gaming platform names. I dont really torrent anymore so.
The way you showed to get rid of a dll based malware is kinda useless due to most malware using manual mapping injectors and avoiding using loadlibrary because its easy to trace but good vidoe ❤
i think i never got any viruses from steamunlock at the time, but the last time i needed to reset my windows and there was still some files but nothing was happening anymore, one time i got every single thing hacked, google account and so everything else, it was for data breaches (not steamunlock), not sure if i ever got a virus for steamunlock, but im happy i managed to get basically everything important back in like a week, they was uploading porn fishing promo videos on my youtube, crypto spam on my twitter and a lot more, to this day all of my emails have been pwned
my mouse sometimes moves to a corner randomly, and the command prompt sometimes opens up for a milisecond, but it has happened less than it used to, the weird part is that it’s new, i bought it a few months ago from a trusted store. my ram is also usually at 10gb with only discord and opera gx open.
Reinstall the system from an official iso installed from another PC, I don't think it's worth trying to delete the malware, some of them multiply in the directories, you could delete one, deactivate them but there is always a risk that they remain.
Thank you for this video I learned a lot, i was actually hacked through steam once. I tried to contact steam support to get my account, it was hacked through someone who shared me a link in steam so people better be careful who are sharing links and be always suspicious. I actually learned from that and when i got attacked a 2nd time yeah dude not this time. I straight up reported to steam.
Good video. Fortunately I am clean based on this video but I had to uninstall AVG as I was getting this prompt about " Your pc needs to retart in 1 minute" I had to disable all startups and realised after a few tweeks that AVG was the culprit, somehow. After I uninstall it the issue went.
⚠ I have a REALLY IMPORTANT question. About those sketchy ads that we might find on huge safe websites, that lead us to a fake app with a VIRUS download instead of the legit download, example when someone clicks on a fake download button thinking that its the legit download and they run unknowingly a stealer who steals their accounts. My question is: why are such ad companies allowed to run? Shouldnt be a lawsuit against them? or dont the lead security companies do something about them??? People that are not savvy fall to such traps every hour
Would be a great video if you had a donor PC that was infected/hacked or such. Then... actually perform these commands to show how it actually happens and works. Sorry, I have not combed through you videos to find a video of this yet. If you have. If you haven't, I highly suggest it. Would rack up a ton of views.
i have only 1 chrome opened and in cmd it shows a few with diffrent ips, also sometimes in my youtube history i see videos appear that i havent watched and in audio setting there is extra chrome in mixer and it plays sounds but its muted, how do i fix it
Yo ebola I have a problem, I can see theres a virus in my startup on task manager but it wont let me go to the file location to delete it, any ideas to help?
End task of what you think is a virus and get an anti virus instead windows defender, even a free version can remove a virus. U can also do an offline scan, it checks every file on your pc
i was playing a game when i noticed my mouse was moving randomly even when i dont move it so that's why i checked this video and when i opened that thing for the startup programs i also had that thing that was just "program". i disabled it but idk if that's enough and idk if my pc is even hacked but i'd appreciate any help
@ebolaman_ I checked and with the first thing you did in the video, I see stuff like Radeon and cryptsvc. But when I first turn my PC on, I see more stuff. I saw one said 5357
Im chillin with 10 malwares in my computer "i swear im not joking an msg poped up saying Iin the title Synapse: Your computer has been Comprimized" 😭😭😭😭
One method they use to infect your PC is with a pop up on a questionable website - "Your Computer is Infected with a Virus" in a scary big popup usually in red. The uninformed will click on it which plants the first malware code on the PC. Then that malware invites other viruses, malware and trojans to the party. One time a friend brought me his wife's laptop which was massively infested with over 80 viruses and malwares. I tried to remove all but in the end I suggested a clean re-install since there was no critical data on the hard drive. She invited the first malware by clicking on a Facebook banner ad.
Bro why is my wallpaper saying *ops ur inportant files have been encrypted if u see this text but not the "wannadecrpyt0r" ur antivirus or u may have delte it*???????
Yoo i found a svchost.exe on my pc and ran the netstat find cmd and it said tcp established is this a remote desktop? (my disk is always on 100% so i have a virus i know it)
Now, how do we troubleshoot it thats the big boy problem cuz they sometimes have abilities to like delete this thing that makes it so you can't reset pc
hey im trying to that find search but i cant get the straight line down on the cmd. How did you do that? I tried doing the find "5500" without it and a bunch of things pop that just give me info on what -a or -b commands do.
I have a question bout sum. So basically they turned an organization thing so there are somethings in settings i cant turn on or off and they disabled task manager. How do i undo that
is it ok for cmd window to pop up randomly but not for a quick sec like it stays there and u need to manually close it and it dosent happen when i open the computer its just random is that okay?
The scarier ones is when the hacker makes a hidden user and utilizing its own VM through powershell rce whike you are logged on active so they can do literally anything
when i turn on my laptop it shows a couple of cmds poping up for a split second and when i play any game my laptop just freezes and i have to restart it from the button idk if the freeze is because of the cmds
Pretty much everything you said at 7:54 happens to me, clean installed windows multiple times, flashed motherboard and ssd partitions but they keep coming back... idk how and didnt find nobody yet xpd enough to help me. If somebody wants to end this bullying please let me know. PS: Im a gamer and they are just sabotaging my aim or other stuff in every game i try to play, got alot of video evidence of it too.
The video is not complete. I always recommend checking the following:
- Task Manager
- Netstat
- shell:startup
- shell:commonstartup (missing)
- registry HKCU run
- registry HKLM run (missing)
- task scheduler (missing)
- registry wininit (missing)
very good comment, just a small improvment: its "shell:common startup" with the space
For all of these (except netstat), you can use AutoRuns to see any startup tasks, netstat doesen't matter much after you restart.
@@fab3f ty
he also missed dll locations for checking if dlls where hijacked and registry ms-settings\shell\open\command for uac bypass with fodhelper and installed drivers
also ebola man did the HKLM run, not HKCU
the dude who ratted my computer watching me watch this:
facts lol
@@LGN.420 dox him if his dumbass used something like nc
You have a new friend lol
@@SpaceTechChan me to but I’m on my phone I might have to switch to Linux so my dumbass can’t get ratted every other month
@@Wisxpee just use antivirus and check files better, linux is hard in a lot of moments for the average user (playing games, using windows software, finding drivers and many more)
"EBOLA IS BACK!!"
"ebola is back😨"
This was a great video. One note is to explain what the options do within the command so that can be demystified to a typical user. Will be using this vid as reference fr
wake up, ebola man uploaded
Thanks for waking me up babe
@@NxVernxual np
@@Stratxgy. same Diddy I mean daddy
oh man, you've grown. I remember watching your vids when you had a 1000 subs or so. damn. Keep up the good work big bro
😁
the person who ratted my pc didnt like this
lol
I have like 3 trojans tomorrow they are going through an extinction lvl event
@jedrzejczuprynski4601 how did it went?
Thank you so much for making this man, I'm gonna try doing all these check ups when I get to my computer
Yoooo. I'm from the Philippines! Just as you uploaded your video, I saw it right away. I’ve been watching your videos for a long time. Keep it up, dude.
Hey ebola man! I really love your content all the way to the fact I have started a new channel! I really love your content and it has inspired me so much!! Thank you for being such a good inspiration!
keeping going bro on the road to 200k subscribers
💯
this guy is always just in time when i need helps
Thank you so much,
Sometimes in my pc cmd appears and disappears
my mouse freezes
and i see your video
i saw startup programs method
i checked taskmanager and i see double salih (user name) i used shell:startup and i see an app named fluxus 1.2v (an roblox exploit) i was opened it this like 5-6 day before now i know who is this i deleted and another salih (user) in task manager disappeared and after i delete it
Windows defender is detected too. (in trashcan)
Maybe you saved my life the hacker can steal my infos etc
(sorry for bad english)
😭🙏🙏
"zori vor bad englizh🤑🤑🤑"
Bro i know im late to this video but you just saved my life. My computer was ratted from trying to get hacks and he keot closing this video when i was watching it😭 im on my phone rn and its gone your the goat
Bro, if you got ratted from trying to get hacks, just stop downloading stupid stuff...
@@jesusofbulletsclearly your not any smarter if your here too😂😂
@@theredpillneo2296
I’m just paranoid. I ain’t stupid enough to download hacks.
@@theredpillneo2296
You’re*
And I’m just paranoid.
@@jesusofbullets that's even worse
When they say “I don’t post videos like this”
You know it’s gonna. Be a banger🗣️🗣️
But on a serious note. If you think your hacked Run antivirus scan, clear cookies (IMPORTANT as it clears session tokens and account info tokens ), change passwords, have 2fa enabled with Authenticator. And then clear cache. Backup data and reinstall OS and delete all partitions not format (talking about windows) and boom your not hacked anymore
I had 8 trojans on my pc its time to stop going on steamunlocked
This what we receive for pirating😔 (i cant buy games)
Steamrip *should* be a lot safer and faster as far as I know, or from what I've heard anyway. Only things you have to worry about are "FP" & "Adds" | Although "Adds" shouldn't really be much of a problem if you have an "addblocker". However you can typically run everything through "VT" if you want to be safe/be sure
"FP" - False Positives. "VT" - Virus Total
@@Encrypted-Data-z1v I would recommend fitgirl
what is steamunlocked/
W video thanks for this! good thing nothing sketchy was found on my pc i can stop overthinking for some time now (maybe I should just stop pirating games)
this was actually helpful , i had k-lite codec pack and apparantly it was connected too something odd in there good catch. i dont see it anymore so and the others are just common microsoft gaming platform names. I dont really torrent anymore so.
Thanks I got a notepad popping up writing no need to watch the video bro, your safe
The way you showed to get rid of a dll based malware is kinda useless due to most malware using manual mapping injectors and avoiding using loadlibrary because its easy to trace but good vidoe ❤
Or just good old dll proxying like I would
Also easy way to get urself in startup if u target some program everyone uses
This time it is really educational purpose
0:26 BRO HOW DID YOU KNOW 💀
i think i never got any viruses from steamunlock at the time, but the last time i needed to reset my windows and there was still some files but nothing was happening anymore, one time i got every single thing hacked, google account and so everything else, it was for data breaches (not steamunlock), not sure if i ever got a virus for steamunlock, but im happy i managed to get basically everything important back in like a week, they was uploading porn fishing promo videos on my youtube, crypto spam on my twitter and a lot more, to this day all of my emails have been pwned
Fr
crazy world Love watching whydna and just when you said it i realized i watched his video with you in it shi was good dawg
my mouse sometimes moves to a corner randomly, and the command prompt sometimes opens up for a milisecond, but it has happened less than it used to, the weird part is that it’s new, i bought it a few months ago from a trusted store. my ram is also usually at 10gb with only discord and opera gx open.
Reinstall the system from an official iso installed from another PC, I don't think it's worth trying to delete the malware, some of them multiply in the directories, you could delete one, deactivate them but there is always a risk that they remain.
what if my computer has a RAT and i just start writing roblox smut fics until they leave me alone
That's when they nuke your PC 😂
Thank you for this video I learned a lot, i was actually hacked through steam once. I tried to contact steam support to get my account, it was hacked through someone who shared me a link in steam so people better be careful who are sharing links and be always suspicious. I actually learned from that and when i got attacked a 2nd time yeah dude not this time. I straight up reported to steam.
this is what I get in return -
The requested operation requires elevation.
I did too, just run it as administrator
Good video. Fortunately I am clean based on this video but I had to uninstall AVG as I was getting this prompt about " Your pc needs to retart in 1 minute" I had to disable all startups and realised after a few tweeks that AVG was the culprit, somehow. After I uninstall it the issue went.
Thank you very much for your videos there’s just excellent 👌 I will be studying all of the topics that you teach in your videos
ebola got that quacked adobe i see u homie
Sometimes my cursor starts moving and clicking on stuff I’m I cooked?
bro...
sell your house and go to another country
Call the exorcist pronto!
Hey, another one is in task scheduler it can also run CMD commands just like in task manager startup tab
guys... why do i have 30 different connections on port 80?
check the name of the port
Thank you for this video, ebola man!
Grandmaster skid just dropped new vid 🔥
I have reoccurring nightmares that I have been hacked
real
me too
bro what is remote desktop companion and why is it established??? (nvm its just meta quest connecting to my vr)
1:31 I did this and it only said "the requested operation requires evaluation." :/
yeah, same :(
The thumbnail had all normal windows processes on it, except the node thing thats on there, never seen that before.
where can i get program hacker big dawg? you're the only reason why im still alive tbh glad to see you're back
Yo, have any advice on how to check for malware/hackers on Mac? Love the videos by the way keep it up 👍👍👍
I commented so I could get a reminder when I get a renewed laptop
CMD opens up on a fresh installation of Windows though.
Great tutorial thank you TH-cam algorithm.
so my old computer is 100% hacked in some way, it shows several of the bad signs and runs very slow, time to fix it
2:04 sorry im slow. So should i stop 3389 and 5500
if they are running remote desktop services then yeah
This actiualy helped a lot, thanks ❤
something showed up on the remote desktop how do i get rid of it???
⚠ I have a REALLY IMPORTANT question. About those sketchy ads that we might find on huge safe websites, that lead us to a fake app with a VIRUS download instead of the legit download, example when someone clicks on a fake download button thinking that its the legit download and they run unknowingly a stealer who steals their accounts. My question is: why are such ad companies allowed to run? Shouldnt be a lawsuit against them? or dont the lead security companies do something about them??? People that are not savvy fall to such traps every hour
😔
Bro look i dont know why but mynvery powerfull PC is running RDR 2 really slow i have RTX 4090 super and 4gb of RAM but there i have like 30-40fps
ebooola mannnn is baccccck 🤩🤩🤩🤩🥰😇
I actually just see cmd panels pop up for no reason. When i boot up my laptop, should i worry?
i resetted my pc recently and always have it that my wallpaper goes to default and then to the animated one back ?
if ur using wallpaper engine thats normal
Also, some light programs open and close cmd on startup like steam
Ligit*
Ligit
legit :)
@@James-e4q3c try again?
wakey wakey, Mr. Ebola is back!
Would be a great video if you had a donor PC that was infected/hacked or such. Then... actually perform these commands to show how it actually happens and works.
Sorry, I have not combed through you videos to find a video of this yet. If you have. If you haven't, I highly suggest it. Would rack up a ton of views.
thanks for the walkthrough
Does it help if I just factory reset my pc?
Yeah my pc always has really high processes running and it says they windows but idk its suspicious
Hmm i'm not scared of getting hacked it's just interesting to know this knowledge thanks.
i have only 1 chrome opened and in cmd it shows a few with diffrent ips, also sometimes in my youtube history i see videos appear that i havent watched and in audio setting there is extra chrome in mixer and it plays sounds but its muted, how do i fix it
i see you got hacked.
Thank you Sir
Yo ebola I have a problem, I can see theres a virus in my startup on task manager but it wont let me go to the file location to delete it, any ideas to help?
same for me but how can i delete it? We need your help
ebola man
pls!!!
Get a good antivirus product
@@rmyikzelf5604 to my knowledge theres no good antivirus program that will detect and get rid of all viruses.
End task of what you think is a virus and get an anti virus instead windows defender, even a free version can remove a virus. U can also do an offline scan, it checks every file on your pc
If I'm paranoid and want to reinstall, do I have to wipe ALL the drives?
depends on how paranoid you are and if you can rule out a drive or not
im still kinda new to hacking but is there a way to make a file not popup as a virus?
call me a skid if u want, but it would be helpful if any of yall could help or teach me
obfuscation, crypting, theres a lot u can do. I teach a lot on www.skool.com/anonymous2
i was playing a game when i noticed my mouse was moving randomly even when i dont move it so that's why i checked this video and when i opened that thing for the startup programs i also had that thing that was just "program". i disabled it but idk if that's enough and idk if my pc is even hacked but i'd appreciate any help
thanks!! i was looking through the first one and i found some malware.
What if i got can not obtain ownership information?
i have a bunch that say "can not obtain ownership information" how would i delete those?
What about the taskbar randomly popping up for a split second? No cmd or powershell just taskbar. It doesnt happen that often though.
that’s a lil sus
@ebolaman_ I checked and with the first thing you did in the video, I see stuff like Radeon and cryptsvc. But when I first turn my PC on, I see more stuff. I saw one said 5357
@@Eqxu when you start your pc it's normal to see more ports and ips being used
Im chillin with 10 malwares in my computer "i swear im not joking an msg poped up saying Iin the title Synapse: Your computer has been Comprimized" 😭😭😭😭
Might just be scareware
@@fertileplanet7756 frfr
One method they use to infect your PC is with a pop up on a questionable website - "Your Computer is Infected with a Virus" in a scary big popup usually in red. The uninformed will click on it which plants the first malware code on the PC. Then that malware invites other viruses, malware and trojans to the party. One time a friend brought me his wife's laptop which was massively infested with over 80 viruses and malwares. I tried to remove all but in the end I suggested a clean re-install since there was no critical data on the hard drive. She invited the first malware by clicking on a Facebook banner ad.
Bro why is my wallpaper saying *ops ur inportant files have been encrypted if u see this text but not the "wannadecrpyt0r" ur antivirus or u may have delte it*???????
Dude pls help, When I did the 3389 port, something showed up, im really scared rn, plss help
Hey ebola, can u make a ip puller tut?
Yoo i found a svchost.exe on my pc and ran the netstat find cmd and it said tcp established is this a remote desktop? (my disk is always on 100% so i have a virus i know it)
everything in my cmd is sketchy what do i do?
some of them says can not obtain ownership information
Now, how do we troubleshoot it thats the big boy problem cuz they sometimes have abilities to like delete this thing that makes it so you can't reset pc
hey im trying to that find search but i cant get the straight line down on the cmd. How did you do that? I tried doing the find "5500" without it and a bunch of things pop that just give me info on what -a or -b commands do.
what happens if u find 2 different TCP's with the command ( netstat -nbf | find "5900" ) ?
like what does it mean? cause i ran the command and i got 2 TCP's while ebola man got none
that’s the vnc port 😭
@ 😭shi man i’m stupid , ty tho i was worried
@@ebolaman_ so like that's bad news or good news?
so i did the find 5900 and it says some numbers then says established, what does this mean? am i hacked?
I have a question bout sum. So basically they turned an organization thing so there are somethings in settings i cant turn on or off and they disabled task manager. How do i undo that
thank you so much, i just deltet the file that made a cmd window pop up evertime i start my pc, subsc
ribed :)
please mak a tut on making a port scanner
Dude one time i turned on my pc and my wallpaper was black, (i reset my pc before this) im glad i watched till the end
is it ok for cmd window to pop up randomly but not for a quick sec like it stays there and u need to manually close it and it dosent happen when i open the computer its just random is that okay?
🫡
@@ebolaman_ i cant see that?? also it appears at exactly 12:06 every day
why does it say '-nbf' is not recognized as an internal or external command,
operable program or batch file.
can you make a tutorial about making an imgui in c++
My biggest issue is that I can do all this, but I don't know what is or isn't sketchy.
The scarier ones is when the hacker makes a hidden user and utilizing its own VM through powershell rce whike you are logged on active so they can do literally anything
how do you detect these types?
if he generate new firewall rule using pid 4? every time i restart the pc
when i turn on my laptop it shows a couple of cmds poping up for a split second and when i play any game my laptop just freezes and i have to restart it from the button idk if the freeze is because of the cmds
Your TH-cam thumbnail showing arrow pointing "Lockapp.exe" That is NOT a virus. it is a lock screen when you sign in your account.
True, I was confused as well
>found sus process
>off it
>blue screen :D
Pretty much everything you said at 7:54 happens to me, clean installed windows multiple times, flashed motherboard and ssd partitions but they keep coming back... idk how and didnt find nobody yet xpd enough to help me. If somebody wants to end this bullying please let me know. PS: Im a gamer and they are just sabotaging my aim or other stuff in every game i try to play, got alot of video evidence of it too.
maybe a motherboard rat
Get a good anti virus product
-nbf | find "3389"
'-nbf' is not recognized as an internal or external command,
operable program or batch file.
Yo what does like in the first one when i did the cmd thing and some of is written CLOSE_WAIT what does it mean?
The requested operation requires elevation........ this is when i tried the netstat in cmd :o
open as admin
@@ebolaman_ its stupid i didnt think about it but yeah it work thanks haha
how do you know files are from a hacker when you see the full list?
Pls Batch programing toutorial 🥺
i have so many
@@ebolaman_ Not full tourtorial