@SaimonSSL um try windows is the virus ... who needs the bloatware ... 90% of the junk running on windows 10 is not needed but windows forces it anyway ...
A few things: If you notice a remote shell is running on your system, don't just kill it and be done with it. Always check for backdoors and the like, persistence is an important step in the attack process. You won't always see the shell pop up in the task manager, especially if it's a meterpreter shell. Meterpreter can migrate to other processes (and usually will because windows defender will often automatically kill remote shells if they don't), so you have to look for other things such as abnormal resource usage or unusual calls if you have Sysinternals tools. Just because you have your firewall up does not mean you are safe. A hacker might be able to bypass his way around it, and most will know that disabling it altogether is an easy way to get spotted. Always check for suspicious permissions when it comes to the firewall, and use a router based firewall whenever possible since a system based firewall can be easily disabled or bypassed.
Those are great points. Thanks for bringing it up. Persistence is the goal, you’re right. That’s a jackpot for malicious actors. Thanks for the router based firewall information too.
I don't know my elbow from my bum hole when it comes to this stuff so anything said sounded like alien lingo to myself and anyone with a basic knowledge of pc functions lol.
@@godric443 Was just fixing to say, always good to have alternatives in case one is compromised. Task Manager, ProcessHacker, Process Explorer, etc. Even better if you have them on DVD-R which can't be modified. That way you can still run the software and not worry about it being deleted or modified in a way that disables it. Although would be funny if they noticed and kept ejecting your CD Drive XD
@yupyipit neither did I. It sounds very fishy and I think he got the virus from something else, but he told me it was after he used the client with the mod
@S T Ξ Λ L T H Windows is quite the bloated and chatty OS built to mine the user for data. Constantly sending "anonymous" analytics data to Microsoft and etc. Average American citizen's data is usually worth around 5 - 6 ish USD I think, not fully sure though. Either way, they can collect that data from millions and they make quick bucks selling it to advertising companies. Ever wondered why when you do most things on the internet, you see ads related to that, or suggesting things you only just recently looked at or searched on google?
@@Skullkid16945 yes, Microsoft collects the user data. So does Apple, Google, Facebook, you name it. If you are that paranoid over Microsoft's data collection, what if I tell you that every android phone with google assistant enabled is listening to your conversations ALL THE TIME? Probably even when assistant is disabled, though I have no proof for that. This in fact is most likely why you're seeing ads related to stuff you've spoken about, it's because google is listening to you more than anyone else. Microsoft began as a software company/operating system maker, but Google began their operation as a serach engine developer and their primary profits come from ads. You're trying to portray Microsoft as an ultimate bad guy but it's far from truth
For the Task Manager tip to be of any use, the user must already be familiar with all the normal processes that should consistently or can occasionally appear there. I keep a Notepad with the complete list of everything in the Services list, the Startup list (from the msconfig dialog) as well as the Task Manager list. Anytime I remove/disable or add/enable software, I update the list. Studying those lists and getting a general familiarity with them is crucial. Do I have everything memorized that I can recite every item for memory? Of course not. But upon looking at the list, I can recognize what should or should not be there. And if I am not sure, my Notepad list/record helps me make a distinction as to whether I'm merely not recognizing something that's always been there, or if it's something "new" that I did not authorize.
@@smokescreen2146 What do you mean "then what?" ?? I am pretty sure the answer is in what I said : memorize/familiarize yourself with the items, know at a glance what should and should not appear in that list. If you have something specific in mind, you're gonna have to use your words and explain it. I am not a mind-reader and I am not fluent in dumbed-down Textinese.
Seems I have to spell this out .... TO MAKE TASK MANAGER REFERENCE LIST : 1. Open Task Manager. 2. Select "Processes" tab. 3. Look over all items. If you do not know/recognize a process, or cannot deduce with certainty what it is : a. Do a local computer Search for that process to determine its location - sometimes just knowing where it is can verify its legitimacy. b. If finding it on the computer, the location still does not clear anything up for you as to what it is or if it is safe, GOOGLE IT.
@@BlackieNuff There are over 120 processes running on my machine right now with just Firefox opened, and they keep changing and re-ordering themselves, so good luck memorizing and spotting them. Like I said you made your list after you already got hacked, and not before so it is useless. Some Trojans can also pretend to be legitimate processes (e.g. scvhost) and can even hide themselves from appearing on Task Manager. Anyway why are you listening to someone who teaches hacking for advice on how to stop hackz?
I will add just one thing: Be careful with just willy nilly ending tasks. Some tools are able to do some techno-sorcery and tie themselves to a critical windows process, meaning that if you kill it you'll trigger a bluescreen of death. The malware would remain running once you reboot as it'll likely also be configured to set itself up on startup. I wont name any tools that I know possess this ability, but I will assure you they exist and it's best to rely on an antivirus to do the cleanup for you if you don't know what you are doing.
I’ve been looking for videos like this when I was young! I’m glad to have found these years later! I hope to probably get into networking and coding again it has always interested me and I went to college for it before they shut down on me twice But if I can learn now for a hobby that would be cool! Maybe someday I can make it a career again
I can see why there is dislikes. People who know nothing come here trying to learn how to find out if they got hacked and get bombarded with crap loads of very tech lingo and get lost in the first 2 minutes or less lol. You see? A person would already have to have learned some technical stuff to even begin to comprehend any of this info. :-s. You see now?
Dude, solid video! Thanks for sharing. I like that you show both sides of the hack! Good work man! At work, I usually reboot the workstation if I think a customer opened a phishing payload. Because I have some offensive experience, it makes me realize that unless they’ve established persistence, they’ll need to exploit again :). Obviously if you have physical access to network interface you can also disconnect that too. Anyway, great video!
There are 117 back doors into Windows 10 and only a handful are closable without crashing internet access. If you close too many doors, Windows 10 will detect it and shut off your internet access. One of the back doors that are well known is the INTELME back door. Most of them are telemetry ports, update ports, location tracing ports, meta data ports and webpage remote viewing ports.
One interesting thing I once noticed: if you want to have remote RDP access, you can open ports on your PC and network. However, with a program like Glasswire I observed tons of external IPs from other countries attempting to access that remote port. Of course the PC on the remote end was password protected (no stupid 4 digit PINs either) so it's quite unlikely that the password would be cracked and access granted (assuming RDP forcibly disconnects after so many attempts). However, this did increase the total incoming traffic into the PC and network (adding to xfinity's data cap). So with this in mind, one way to ensure hackers can't gain access over remote shell or RDP is by using a local VPN and only allowing outgoing traffic over the VPN (except for public servers). A good router firewall like pf/opnsense will make it easy to create a secure and encrypted firewall which is far easier and more secure than opening ports on the router.
RDP is well known to not have a fail 2 ban system (it allows unlimited attempts to access) and, further, the Administrator users are always automatically added to the allowed list of users to connect by RDP (unless you explicitly remove them). Just never, ever open an RDP port to the internet. If you need remote access, connect to your network by VPN and then use RDP with local IPs tunneled over the VPN.
I have an ex landlord who has psychopath traits and not did he steal my cell phone while moving in, but while not at home he had access to my router and computer. I've always strongly suspected he's hacked my computer and was listening to my conversations, then prior to moving out and while changing the home address to my new location, I found under one of my accounts that my current delivery instructions had been removed and replaced with a new message to be delivered to his home instead. I'd also discovered a cell phone and another devise was connected through my routers wifi known network connections.
It will be great to show the same for Linux too! I would like to ask You as a Wordpress websites creator if You can create some videos for Wordpress vulnerability...
Good video. New subscriber here, I've already gone threw a few of your video's and find them interesting. I'm new to learning IT, and trying to learn on my own but I find your video's really helpful.
This is cool but I think the netstat -b would help more. It's almost impossible to identify anything based on numbers so if you know the exe you can at least make educated guesses or google them
If you think you've been hacked, the only real thing to do is to nuke the system from orbit: reinstall everything back to factory default (or at least from clean installation media). Trying to detect or root out every single back door is a fool's errand.
thats actually very good advices u gave here, but 1 thing, netstat will be completly useless, because on a normal machine u wont have like 5 active connections like urs cause urs is fresh instal, instead u would have maybe a 100, so the person needs to be very advanced and to know which application with which IP is comunicating, and that is a lot of additional work to do and track.
One obsessive stalker/ hacker has been inside my computer for many years. When I typed “netstat”, the data came out fine. After that, I typed “netstat/?”, the information came out fine. When I typed “netstat-ano”, nothing came out. This hacker did some program on the script. He tried to block me to delete his hacking IP address in task manager. Please help. Besides that, he has been using manipulating Bank of America(BAC) for several years, without his manipulation, BAC stock price would be over $70/share before Covid-19 market dropping last year. After I bought Wells Fargo(WFC), Li auto limited(Li), NIO Limited (NIO), Pfizer Inc. (PFE) several months ago, he has been manipulating their price and frequently dragged their price down and controlling their price. Trying to ban my voice, he disabled all reviews functions on my several laptop computers Google, Yahoo and other major sites.
Google and download: "SysInternals Process Explorer" (from Microsoft) it can check all the running processes against VirusTotal. Run it, ensure Options -> VirusTotal -> Check VirusTotal is checked. You can then explore those processes with many failed checks (few can be false positive). You can also check what company made it and ignore those you know.
or you will find the machine they are spoofing or doing a remote access from ... and get the wrong person ... you need to strip the header packet to find the final destination to get the ultimate end user of the process ... most tools DONT do this ... so they stop at the first IP and call it a day ... but the packet can then be rerouted from the remote machine to the hacker or yet another remote machine and so on ... .
Good vid. How do you fix all the problems? Firewall and security. How do you locate (street name and door number would be best) and stop the attacker from accessing your computer?
Thank you for these information. However, you haven’t explained in detail how we can stop our systems being hacked. You mention an app, but I would like to know if the app can block hackers. Thank you.
Have an antivirus, dont bypass warnings antivirus gives you, have common sense, dont download anything sketchy and even if you do you'll probably be fine if your antivirus isnt itself a virus but dont do it anyways. Beware of phishing. The only time your system is going to be "hacked" is if you have a virus, the computer isnt like facebook that can just be hacked as it only exists in your machine.
Just use common sense and don’t download random things. I recommend Malwarebytes to scan from time to time and a windows defender offline full scan which is already on your computer. Remember to read links carefully because grabifies can look like real links and double check sites you type in before going to them.
I am doing Loi'c course on Udemy and have got to say that he is a really good teacher. You guys are so lucky that he had this really important video up on TH-cam for free...I am too as I am fending off an attacker...Thanks Loi, your awesome! 😊
For the netstat -ano, how should I know which one is suspicious process when there are many connections with your so called funny IPs ongoing? Thank you.
@@toggledfire4148 Wrong. Hackers could use port 443 also. If you have a NAS storage drive, you might see 445 connected to another IP address within your network. If you use Steam, you might see 27039. Any of the ones that say "LISTENING" could be malware waiting for a hacker to connect. A better way is to use whois to lookup all the foreign IP addresses you see in netstat and see if any of them are from China or Russia or something you don't recognize. They will usually be something you recognize like Microsoft or a website you've visited recently. If your router is set up correctly, nobody on the internet should be able to make unsolicited connections to your PC, unless your router has been hacked and ports are being forwarded. If you do see a legitimate hacker connection in netstat, you most likely already have malware on your PC and it is initiating outbound connections. This video is a bad example, since the hacking was done from within the local network. If you ever see that happening you have worse things to worry about, since not only is your PC hacked, but another device on your network is also. He also failed to mention that a root kit can hide itself from Task Manager so you wouldn't see it in there.
I skip most of the steps by searching for the source file and then deleting from the registry with admin rights anything related to it. Reboot and you'll be ok. No need to go through all the networking stuff. Unless you got into the deepweb unprotected and had to format c:/>. Good video though 👌
End task is not always the best. Should right click select goto process then Right click select end process tree. This is how you kill process from the root. It is also important to find out what started the process and if it is a file that can and should be removed.
If you have Windows 10 your computer comes pre-hacked. Signs of hacking: The software is very difficult to remove. The software takes control of your computer so you cannot use it. The software steals all your info. The software makes your computer slow and hard to use. The software fills your computer with junk that you don't want or need.
My pc just got hacked... they hacked my webcam and microphone. I didn't notice I was hacked until I was watching TH-cam and suddenly, my pc randomly said "We are an anonymous religion." I checked what it was, and when I hovered into the microphone thing at the bottom right in Windows 10, it said "Test is using your microphone." That's when I started to really panic. I also had my cam up, well my desktop(dell) had that default cam that you can push back to hide it or not. In this case, my cam was up, and I noticed it had that white glow. After that, I saw myself on my own screen, and saw that they recorded me. They even had the nerve to put themselves into my wallpaper. Of course, I first checked my accounts and turned off my wifi. There wasn't any important files in my desktop anyway. They locked up my desktop, like there was this black screen with some Password thing. I tried to restart again and again, and did "Bitlocker." It still didn't work. This was my first time getting hacked, and I was really sacred. Please reply to me asap if you have any idea on how to deal with this.
High CPU or disk usage, and an unusual program or duplicates of usual programs. Sometimes malware just sits in your file folders without showing up in task manager, though.
for sure the best way to be safe is to save all important Doc to an offline drive it shouldn't be available and whenever used first disconnect the cable.
Me without a computer: interesting... Edit: holy shit why is such a simple comment causing a war in the reply’s, I guess this is the internet after all When I say I don’t have a computer I don’t mean a phone since some people think phones are computers. I don’t have a actual computer a PC or a laptop is what I mean. I’m actually surprised and disappointed I had to explain this
Ive got a weird problem thats been around for a few months, since I think may 17th 2022, where windows security immediately closes, along with some other security things, and some software from my computer(armorycrate which is for ASUS computers) and the taskbar does not work but apps can still be clicked on, and search bars never finish searching anything(in file explorer as its all I can open, and settings) Ive tried a dozen things and theyve never worked, Ive checked files in task manager and I cant find anything, my dad always jumps straight to scorched earth with "just restart the computer, you can save docs but otherwise you're letting hackers steal your credit card info and other things" but nothing has happened, I feel it in my gut that its some absurd bug or error cause by hardware issues(my battery had a bulge but I havent been able to check so I feel like it could have ruptured or messed with the boards I really dont know) or just some setting that I dug 12 layers deep and toggled but wont ever remember where I went to get to it. Its frustrating and I dont want to just torch my laptop.
Hello, thank you for this very educational video. I was recently hacked, How you you protect oneself from a hacker whose hacked the laptop and hopefully not the phone or security cameras? So far I did a manual factory reset having called Samsung but I'm now so paranoid about this despite not having much to hack the fact that I was hacked has been very traumatizing. Just want to know how to make sure I have saved the hard Disc and have no root kits and everything else I need to do.... kindly appreciate it in advance
There is no reasonable way to quickly identify harmful ports just by reading them. You could however do exactly what a good antivirus does and automatically reference your connections with a database of potentially dangerous ports or addresses*.
Task manager, netstat, wireshark, firewall and antivirus.
Thank you master ♡♡
So ok then how as im still relativly new to Linux how do i detect if any one is hacking my Linux Os? i use as the norm Parrot sec or Kali Linux?
do i run top or htop from aa terminal then dissconect any unwated traffic
How can i open closed videos? Thanks!
@@notamongyou huh?
The hacker who are visually remote access my computer watching me watching this video :
*Nerveously sweating*
Lmaoo
do you mean to saay FBI?
I'm
@@majeedmx7016 fbi cant "visually remote access" your screen....
I can feel FBI is coming
The hacker watching me watching this video : *Interesting*
@Amano Kun Interesting
Why i think your comment will get 1k likes
@@LuizZignani same
Oh hello there i have been watching u
Very interesting
"open task Manager and look for potentially malicious program running..."
- Cortana spotted!!
so true
@SaimonSSL um try windows is the virus ... who needs the bloatware ... 90% of the junk running on windows 10 is not needed but windows forces it anyway ...
halo ai cia
@SaimonSSL You cant even spell Cortana right after it was spelt in front of you. Incompetence.
@@stuffandthangs3953 Clown comment. He is clearly trying to joke around.
how to become paranoid in 10 minutes
true lol
Fr
@@laflame3460 Nah, you're fucked. Everything's already infected with malware by the time you read this.
Jk, I don't know what I'm talking about.
@Cityscapes It downloaded folder normal folder I didnt even open it
@@laflame3460 you can never be sure but it is not unlikely that you have a virus. I would say 70% you got infected.
Had to watch this on my phone because my computer would close the tab for no reason.
hmmm
Well...
Hmmm 🧐
thats one of the signs that you got hacked
@@mrstarfish thats one of the signs that you missed the joke
when you try to un-hack your pc but you end up hacking the hacker
thats just exagerated swaggers
@@leg4985 the exxaggerated swagger of a blck teen
@Zrobilive lol
@Zrobilive most of the time the attacker's IP you see, it's not his real one.
Actual fucking gigachad
"huh, let's see the task manager..." *finds powershell running*
*SWEATING PROFUSELY*
Same. Is that a normale one or is every powershell a virus/tracker???
@@Mr.Wayne.1 if you don't have a powershell window open, i guess it's a virus
@@Mr.Wayne.1 if you didn't download it or don't have it opened then it is very likely a virus
well i have windows defender notification icon running,
frick
@@Iqbal1808 uh oh, seems like you're screwed
Wasn't even thinking about the possibility I got hacked until I saw this recommended, now I'm paranoid for no reason.
LOL
Lol
Signs you've been hacked:
1) You're using windows
2) It's connected to the internet
3) You've installed something on it
stfu apple user
@@YousefSadiq then "stfu non-windows user"
@@YousefSadiq then "stfu Duco Darling" is appropriate
Signs you've been hacked:
1) Own a computer
2) It's connected to the internet
@@u1richh ever heard about the Mirai botnet? Literally anything that can connect to internet can get hacked
A few things:
If you notice a remote shell is running on your system, don't just kill it and be done with it. Always check for backdoors and the like, persistence is an important step in the attack process.
You won't always see the shell pop up in the task manager, especially if it's a meterpreter shell. Meterpreter can migrate to other processes (and usually will because windows defender will often automatically kill remote shells if they don't), so you have to look for other things such as abnormal resource usage or unusual calls if you have Sysinternals tools.
Just because you have your firewall up does not mean you are safe. A hacker might be able to bypass his way around it, and most will know that disabling it altogether is an easy way to get spotted. Always check for suspicious permissions when it comes to the firewall, and use a router based firewall whenever possible since a system based firewall can be easily disabled or bypassed.
What you just said, gone above my head bro, a video would have been useful for it i think.
Taskkill /F /T /PID NNN
Lol
Those are great points. Thanks for bringing it up. Persistence is the goal, you’re right. That’s a jackpot for malicious actors. Thanks for the router based firewall information too.
I don't know my elbow from my bum hole when it comes to this stuff so anything said sounded like alien lingo to myself and anyone with a basic knowledge of pc functions lol.
**tries to open task manager**
Task manager has been disabled by your administrator.
*this is fine*
aah we need some defense for this now :D
man get to like the support and call the support system for help
sudo.. oh wait shit
@@godric443 Was just fixing to say, always good to have alternatives in case one is compromised. Task Manager, ProcessHacker, Process Explorer, etc. Even better if you have them on DVD-R which can't be modified. That way you can still run the software and not worry about it being deleted or modified in a way that disables it. Although would be funny if they noticed and kept ejecting your CD Drive XD
You can activate it again in the group policy editor
Me: *gets this video reccomended after downloading 40+ Minecraft mods*
also me: "Im in danger"
*chuckles* "I'm in danger"
@yupyipit fabric is usually safe, but forge has many breaches
@yupyipit neither did I. It sounds very fishy and I think he got the virus from something else, but he told me it was after he used the client with the mod
@yupyipit yeah
40? Das a rookie number. I've been rocking 2 shady launchers with hundreds of manually installed mods on them back in 2015 XD Never got a virus afaik.
My first suspicion would be that "hacker" file in the desktop.
A big sign is when a Indian guy is asking you to buy gift cards to fix the issue
Or any support for that matter.
"hello your computer has virus"
~not an India guy but has deep indian accent
@@rabidbeaver167 lol okay then
Cut off the internet wire
Jim Browning is an expert on that..............he knows them all...;-D
Sign no. 1: at startup, it greets you with a "welcome to windows" screen.
@S T Ξ Λ L T H Windows is quite the bloated and chatty OS built to mine the user for data. Constantly sending "anonymous" analytics data to Microsoft and etc. Average American citizen's data is usually worth around 5 - 6 ish USD I think, not fully sure though. Either way, they can collect that data from millions and they make quick bucks selling it to advertising companies. Ever wondered why when you do most things on the internet, you see ads related to that, or suggesting things you only just recently looked at or searched on google?
@@Skullkid16945 yes, Microsoft collects the user data. So does Apple, Google, Facebook, you name it. If you are that paranoid over Microsoft's data collection, what if I tell you that every android phone with google assistant enabled is listening to your conversations ALL THE TIME? Probably even when assistant is disabled, though I have no proof for that. This in fact is most likely why you're seeing ads related to stuff you've spoken about, it's because google is listening to you more than anyone else. Microsoft began as a software company/operating system maker, but Google began their operation as a serach engine developer and their primary profits come from ads.
You're trying to portray Microsoft as an ultimate bad guy but it's far from truth
@@Skullkid16945 but if you get ads on google related to what you just looked up on fucking google wouldnt it be google who sells the data?
@@Skullkid16945 Good god your name broke youtube. It crosses the right panel of youtube going all the way to the right edge of the screen.
@@Skullkid16945 Is there's youtube link on ur name?
I'm a regular windows user, and I'm using task manager since windows 7 era to monitor my whole system.
Thanks for the additional tips.
Nope
@@gowororigejunua439 wth dude you're everywhere
Me: opening never gonna give you up on youtube
My FBI agent and the guy hacking my pc: fuck
You can always do netstat -b in an elevated cmd and it will show the executable file with that connection.
Thank you so much
could do yea
@@amateruss command prompt with admin rights.
"The requested operation requires elevation."
For the Task Manager tip to be of any use, the user must already be familiar with all the normal processes that should consistently or can occasionally appear there.
I keep a Notepad with the complete list of everything in the Services list, the Startup list (from the msconfig dialog) as well as the Task Manager list.
Anytime I remove/disable or add/enable software, I update the list. Studying those lists and getting a general familiarity with them is crucial. Do I have everything memorized that I can recite every item for memory? Of course not. But upon looking at the list, I can recognize what should or should not be there. And if I am not sure, my Notepad list/record helps me make a distinction as to whether I'm merely not recognizing something that's always been there, or if it's something "new" that I did not authorize.
You made the list after you got hacked, then what?
@@smokescreen2146
What do you mean "then what?" ??
I am pretty sure the answer is in what I said : memorize/familiarize yourself with the items, know at a glance what should and should not appear in that list.
If you have something specific in mind, you're gonna have to use your words and explain it. I am not a mind-reader and I am not fluent in dumbed-down Textinese.
@@smokescreen2146
It just occurred to me what you meant : The answer still should be obvious...
Google it.
Seems I have to spell this out ....
TO MAKE TASK MANAGER REFERENCE LIST :
1. Open Task Manager.
2. Select "Processes" tab.
3. Look over all items. If you do not know/recognize a process, or cannot deduce with certainty what it is :
a. Do a local computer Search for that process to determine its location - sometimes just knowing where it is can verify its legitimacy.
b. If finding it on the computer, the location still does not clear anything up for you as to what it is or if it is safe, GOOGLE IT.
@@BlackieNuff There are over 120 processes running on my machine right now with just Firefox opened, and they keep changing and re-ordering themselves, so good luck memorizing and spotting them.
Like I said you made your list after you already got hacked, and not before so it is useless.
Some Trojans can also pretend to be legitimate processes (e.g. scvhost) and can even hide themselves from appearing on Task Manager.
Anyway why are you listening to someone who teaches hacking for advice on how to stop hackz?
Easier way to stop them from stealing your info:
Unplug your Ethernet cable
Best solution here
They hacked into your router?
Unplug it.
im on wireless
@@SumSpr33 unplug your router
@@SumSpr33 burn the house down that will stop it
The best Anti Virus is most of the times common sense.
cute pfp
Nope
Antivirus is a virus itself
I will add just one thing: Be careful with just willy nilly ending tasks. Some tools are able to do some techno-sorcery and tie themselves to a critical windows process, meaning that if you kill it you'll trigger a bluescreen of death. The malware would remain running once you reboot as it'll likely also be configured to set itself up on startup.
I wont name any tools that I know possess this ability, but I will assure you they exist and it's best to rely on an antivirus to do the cleanup for you if you don't know what you are doing.
I just got a malicious clone of syscruntime140.dll, and it lived through a complete cloud reinstall of windows 11.
@@ThePower1037 keyword is cloud
"First thing you wanna do is right click the taskbar and select task manager"
me on linux: _sad tux noises_
@Jay Rozes I get better performance on Linux, plus I like the distro I use, it's very stable and fast
top
@@System64MC based?
@@sirrobertwalpole1754 I'm on Zorin, based on Ubuntu
@@sirrobertwalpole1754 I'll take a look at it, thank you
I’ve been looking for videos like this when I was young! I’m glad to have found these years later! I hope to probably get into networking and coding again it has always interested me and I went to college for it before they shut down on me twice
But if I can learn now for a hobby that would be cool! Maybe someday I can make it a career again
Hey can u hack someone for me
919 highly skilled hacker disliked the video. Honestly I don't know how somebody can dislike something this informative
I can see why there is dislikes. People who know nothing come here trying to learn how to find out if they got hacked and get bombarded with crap loads of very tech lingo and get lost in the first 2 minutes or less lol. You see? A person would already have to have learned some technical stuff to even begin to comprehend any of this info. :-s. You see now?
Dude, solid video! Thanks for sharing. I like that you show both sides of the hack! Good work man! At work, I usually reboot the workstation if I think a customer opened a phishing payload. Because I have some offensive experience, it makes me realize that unless they’ve established persistence, they’ll need to exploit again :). Obviously if you have physical access to network interface you can also disconnect that too. Anyway, great video!
This is a good start, but you should also research how they gained access in the first place
Hackers will be very dissapointing after looking at my balance
they look at my balance and send me money ...
This is the first actually good video about detecting when you get hacked.
There are 117 back doors into Windows 10 and only a handful are closable without crashing internet access.
If you close too many doors, Windows 10 will detect it and shut off your internet access. One of the back doors that are well known is the INTELME back door. Most of them are telemetry ports, update ports, location tracing ports, meta data ports and webpage remote viewing ports.
Imagine disabling a hacker's connection after watching this video xD
I wonder if they could restart it again.
well i certainly feel better about my system now, nothing looked out of the ordinary
Me too, although I don't have an antivirus program cause its often screwing up my games
Everything looking "in order" doesn't mean much. Read up on rootkits. Malware designed to remain hidden.
not even the homework folder?
This is a lot to take in but it seems very in depth so thank you!
One interesting thing I once noticed: if you want to have remote RDP access, you can open ports on your PC and network. However, with a program like Glasswire I observed tons of external IPs from other countries attempting to access that remote port. Of course the PC on the remote end was password protected (no stupid 4 digit PINs either) so it's quite unlikely that the password would be cracked and access granted (assuming RDP forcibly disconnects after so many attempts). However, this did increase the total incoming traffic into the PC and network (adding to xfinity's data cap). So with this in mind, one way to ensure hackers can't gain access over remote shell or RDP is by using a local VPN and only allowing outgoing traffic over the VPN (except for public servers). A good router firewall like pf/opnsense will make it easy to create a secure and encrypted firewall which is far easier and more secure than opening ports on the router.
RDP is well known to not have a fail 2 ban system (it allows unlimited attempts to access) and, further, the Administrator users are always automatically added to the allowed list of users to connect by RDP (unless you explicitly remove them).
Just never, ever open an RDP port to the internet. If you need remote access, connect to your network by VPN and then use RDP with local IPs tunneled over the VPN.
I have an ex landlord who has psychopath traits and not did he steal my cell phone while moving in, but while not at home he had access to my router and computer. I've always strongly suspected he's hacked my computer and was listening to my conversations, then prior to moving out and while changing the home address to my new location, I found under one of my accounts that my current delivery instructions had been removed and replaced with a new message to be delivered to his home instead. I'd also discovered a cell phone and another devise was connected through my routers wifi known network connections.
It will be great to show the same for Linux too!
I would like to ask You as a Wordpress websites creator if You can create some videos for Wordpress vulnerability...
Good video. New subscriber here, I've already gone threw a few of your video's and find them interesting. I'm new to learning IT, and trying to learn on my own but I find your video's really helpful.
Who else checked to see if PowerShell was running on your computer right now.
Yeah, mostly because I found GTA V was slower than usual.
This is cool but I think the netstat -b would help more. It's almost impossible to identify anything based on numbers so if you know the exe you can at least make educated guesses or google them
If you think you've been hacked, the only real thing to do is to nuke the system from orbit: reinstall everything back to factory default (or at least from clean installation media). Trying to detect or root out every single back door is a fool's errand.
Just came across your channel. Your content is engaging and insightful! Thank you for putting in the effort on these video I appreciate it!
Great video, very informative and straight forward. Keep it up
thats actually very good advices u gave here, but 1 thing, netstat will be completly useless, because on a normal machine u wont have like 5 active connections like urs cause urs is fresh instal, instead u would have maybe a 100, so the person needs to be very advanced and to know which application with which IP is comunicating, and that is a lot of additional work to do and track.
This video came up so early, im still sleepy but i need to watch
One obsessive stalker/ hacker has been inside my computer for many years. When I typed “netstat”, the data came out fine. After that, I typed “netstat/?”, the information came out fine. When I typed “netstat-ano”, nothing came out. This hacker did some program on the script. He tried to block me to delete his hacking IP address in task manager. Please help.
Besides that, he has been using manipulating Bank of America(BAC) for several years, without his manipulation, BAC stock price would be over $70/share before Covid-19 market dropping last year. After I bought Wells Fargo(WFC), Li auto limited(Li), NIO Limited (NIO), Pfizer Inc. (PFE) several months ago, he has been manipulating their price and frequently dragged their price down and controlling their price.
Trying to ban my voice, he disabled all reviews functions on my several laptop computers Google, Yahoo and other major sites.
@@springw3546 netstat-ano don't exist.. do netstat -ano
@@springw3546 r u a boomer?
Google and download: "SysInternals Process Explorer" (from Microsoft) it can check all the running processes against VirusTotal. Run it, ensure Options -> VirusTotal -> Check VirusTotal is checked. You can then explore those processes with many failed checks (few can be false positive). You can also check what company made it and ignore those you know.
Nice tip bro thanks
Pro tip: if you know the hacker's IP, this will help you find the hacker.
this is exactly what I was gonna comment lol, but how would you actually know? like if you don't have their IP
or you will find the machine they are spoofing or doing a remote access from ... and get the wrong person ... you need to strip the header packet to find the final destination to get the ultimate end user of the process ... most tools DONT do this ... so they stop at the first IP and call it a day ... but the packet can then be rerouted from the remote machine to the hacker or yet another remote machine and so on ...
.
Good vid. How do you fix all the problems? Firewall and security. How do you locate (street name and door number would be best) and stop the attacker from accessing your computer?
Thank you for these information. However, you haven’t explained in detail how we can stop our systems being hacked. You mention an app, but I would like to know if the app can block hackers. Thank you.
Have an antivirus, dont bypass warnings antivirus gives you, have common sense, dont download anything sketchy and even if you do you'll probably be fine if your antivirus isnt itself a virus but dont do it anyways. Beware of phishing. The only time your system is going to be "hacked" is if you have a virus, the computer isnt like facebook that can just be hacked as it only exists in your machine.
@@phobics9498 thanks very much.
Just use common sense and don’t download random things. I recommend Malwarebytes to scan from time to time and a windows defender offline full scan which is already on your computer. Remember to read links carefully because grabifies can look like real links and double check sites you type in before going to them.
@@___-ih4ty Could you explain how to double check a site? Thanks.
@@miguelservetus9534 Sorry I’m a week late didn’t notice the comment. You can paste links and downloads on VirusTotal and it’ll scan it.
The hacker watching how I try to kill the process named "WidnowsCrytycalProkess": *nervously sweating*
ello, yu computeh has viros
I'm *"Stephen Jordan"* from Microsoft
ello sir, your computeh has viros
**discord crashes**
"zir, you have a wirus on your dextop."
Ma'em i em Jonh smith from moocresooft. Please doonleed GoTwo Assist pleas.
I am doing Loi'c course on Udemy and have got to say that he is a really good teacher. You guys are so lucky that he had this really important video up on TH-cam for free...I am too as I am fending off an attacker...Thanks Loi, your awesome! 😊
For the netstat -ano, how should I know which one is suspicious process when there are many connections with your so called funny IPs ongoing? Thank you.
To know is simply finding a non 443 and 80 in foreign address
Look closely at 4:34
@@toggledfire4148 Wrong. Hackers could use port 443 also. If you have a NAS storage drive, you might see 445 connected to another IP address within your network. If you use Steam, you might see 27039.
Any of the ones that say "LISTENING" could be malware waiting for a hacker to connect.
A better way is to use whois to lookup all the foreign IP addresses you see in netstat and see if any of them are from China or Russia or something you don't recognize. They will usually be something you recognize like Microsoft or a website you've visited recently.
If your router is set up correctly, nobody on the internet should be able to make unsolicited connections to your PC, unless your router has been hacked and ports are being forwarded. If you do see a legitimate hacker connection in netstat, you most likely already have malware on your PC and it is initiating outbound connections.
This video is a bad example, since the hacking was done from within the local network. If you ever see that happening you have worse things to worry about, since not only is your PC hacked, but another device on your network is also.
He also failed to mention that a root kit can hide itself from Task Manager so you wouldn't see it in there.
I'm confused about the netstat -ano part. How do I tell what's normal and what isn't?
look at the incoming port
I skip most of the steps by searching for the source file and then deleting from the registry with admin rights anything related to it. Reboot and you'll be ok. No need to go through all the networking stuff. Unless you got into the deepweb unprotected and had to format c:/>. Good video though 👌
Good video....makes you want to look at your system and see if anyone is trying on you.
the fact window 10 is easier to hacked into than previous window...
Nice England
@@TechnMetal Nice Epanishe
WoW english you good teach can ?
Don't take this seriously it's just a joke 😂
Well, no shit sherlock, u can just disable taskmanager and apps and u have full control
well it has ten windows
2:22 him: executables
captions: execute the bolts
me: execute the BALLS
This video is really helpful for me. Thank you, Sir. :)
I really learned this today. Thank you for the video, Sir.
me who has just reinstalled windows 2 days ago:
*interesting*
Thanks for the checks. Much appreciated
Good to know... thanks dude..... I am enlightened
End task is not always the best. Should right click select goto process then Right click select end process tree. This is how you kill process from the root. It is also important to find out what started the process and if it is a file that can and should be removed.
If you have Windows 10 your computer comes pre-hacked.
Signs of hacking:
The software is very difficult to remove.
The software takes control of your computer so you cannot use it.
The software steals all your info.
The software makes your computer slow and hard to use.
The software fills your computer with junk that you don't want or need.
literally everything microsoft installs by default
You know your computer is hacked when it starts asking for gift cards.
Thankyou very much for making this.. But you didnt show how to remove it completly😑😥
Well.. Good Hackers do not let you know that you are hacked and even tho you understand it in some how, they leave no traces.. so
Right click go to the source and remove completely dont end task it will just restart
"5 Signs Your Computer Has Been Hacked"
First sign: This got recommended to you
Yes but you missed the most important tactic, just f pull the dam network plug. 😑
Correct, I waste time TB the windows the hacker already encrypt all my data.
And make sure that the locks on your door take 8 hours to pick.
@@I-live-and-learn That back door is unlocked !
My pc just got hacked... they hacked my webcam and microphone. I didn't notice I was hacked until I was watching TH-cam and suddenly, my pc randomly said "We are an anonymous religion." I checked what it was, and when I hovered into the microphone thing at the bottom right in Windows 10, it said "Test is using your microphone." That's when I started to really panic. I also had my cam up, well my desktop(dell) had that default cam that you can push back to hide it or not. In this case, my cam was up, and I noticed it had that white glow. After that, I saw myself on my own screen, and saw that they recorded me. They even had the nerve to put themselves into my wallpaper. Of course, I first checked my accounts and turned off my wifi. There wasn't any important files in my desktop anyway. They locked up my desktop, like there was this black screen with some Password thing. I tried to restart again and again, and did "Bitlocker." It still didn't work. This was my first time getting hacked, and I was really sacred. Please reply to me asap if you have any idea on how to deal with this.
no one :
baljeet : *Hello Your Computer Has Virus*
So this is only when the hacker is manually accessing to your computer, right? But how to know if your PC has a malware instead?
High CPU or disk usage, and an unusual program or duplicates of usual programs. Sometimes malware just sits in your file folders without showing up in task manager, though.
I left my wireless keyboard in my sister's room and she started smashing it and it was connected to my pc so i fricking thought i was hacked 😂😂
for sure the best way to be safe is to save all important Doc to an offline drive it shouldn't be available and whenever used first disconnect the cable.
Yang
Make a video about linux and unix risk factors
Good info for intermediate Windows users, not too easy for beginners. But am liking and commenting for the YT algo.
Let be honest, everybody is checking now task manager
I did, power shell's running but its an important program that needs to run.
Now i need to do a 5yr IT Course just trying to determine if my PC is hacked
Me without a computer: interesting...
Edit: holy shit why is such a simple comment causing a war in the reply’s, I guess this is the internet after all
When I say I don’t have a computer I don’t mean a phone since some people think phones are computers. I don’t have a actual computer a PC or a laptop is what I mean. I’m actually surprised and disappointed I had to explain this
Same lol
How the fuck do you not have a computer in 2021 lmao
@@kevinflaherty1 not everyone has a computer or needs one really, I just use my phone and ps4 and they do the job. But I might get a laptop soon
@@kevinflaherty1 because someone may be poor? Duh
Same 😂
Hate those moments when your browser crashes or Steam opening for no reason and you think your hacked.
Amazing 😍❤
Nope
Some elaboration would've been nice on the command prompt segment... how are we supposed to identify "fishy" established connections?
FBI spying us all:
So funny son 😂
Rule 1 should be is to disconnect from the internet once you know you are hacked
ye
one of the signs was that i got this in my recommended
Ive got a weird problem thats been around for a few months, since I think may 17th 2022, where windows security immediately closes, along with some other security things, and some software from my computer(armorycrate which is for ASUS computers) and the taskbar does not work but apps can still be clicked on, and search bars never finish searching anything(in file explorer as its all I can open, and settings) Ive tried a dozen things and theyve never worked, Ive checked files in task manager and I cant find anything, my dad always jumps straight to scorched earth with "just restart the computer, you can save docs but otherwise you're letting hackers steal your credit card info and other things" but nothing has happened, I feel it in my gut that its some absurd bug or error cause by hardware issues(my battery had a bulge but I havent been able to check so I feel like it could have ruptured or messed with the boards I really dont know) or just some setting that I dug 12 layers deep and toggled but wont ever remember where I went to get to it. Its frustrating and I dont want to just torch my laptop.
Seriously, i didn't understand a bit , still watched the full video
Do you watch Mr. Robot? 😃
@@Spartan11117777 Pathetic socialist show.
In which time you are living in 2010?
You have just scratched the surface
I agree but at least the cmd is useful to check
1 sign that your computer 's been hacked - this video is in your top youtube recommendations
Hello, thank you for this very educational video. I was recently hacked, How you you protect oneself from a hacker whose hacked the laptop and hopefully not the phone or security cameras? So far I did a manual factory reset having called Samsung but I'm now so paranoid about this despite not having much to hack the fact that I was hacked has been very traumatizing. Just want to know how to make sure I have saved the hard Disc and have no root kits and everything else I need to do.... kindly appreciate it in advance
just install Bitdefender or Kaspersky and that is
So, what is normal then? Like what process should be there and shouldn't and how do I know?
It's not normal if you have PowerShell running but you don't see it's window :-)
4:45 how do i tell that's a hacker listening and not a normal connection?
Thanks for watching..Your a legend....Thank God you were born and help defenceless people..😊
K
thanks for this content, really nice to have some knowledge of security
Incredible information! Thank you!
why did this appear in my recommended lol
There is no reasonable way to quickly identify harmful ports just by reading them. You could however do exactly what a good antivirus does and automatically reference your connections with a database of potentially dangerous ports or addresses*.
i looked this up coz yesterday my webcam turn on even though i didnt open camara
same and then i heard some random dude through my audio
@@yxsz8936 bro that's honestly scary ngl. I would suggest disabling camera and input volume and check if there's a keylogger
@@speedwagon3447 Ik I was so scared because I just finished watching the conjuring before that then I randomly heard "ugh hee
@@yxsz8936 Bro ... try getting that checked out at a computer shop. I'd rather be safe then sorry
@@speedwagon3447 yep I did they said my wif is being lagging bc somebody has been downloading weird files on my pc
plot twist: *the hacker hacking me is watching me watch 5 signs your computer has been hacked because I'm hacking him.*