How to know if your PC is hacked? Digital Forensics 101

  • Published on 23 Dec 2024

Comments • 438

  • @pcsecuritychannel  2 years ago +8

    More advanced version of the video, going through RAM forensics with Volatility: th-cam.com/video/VK3fvNFGAzE/w-d-xo.html

  • @V1c7ori0us 3 years ago +932

    Great video, I would like to add a small note.
    When uploading files to Virustotal they are made public meaning everyone can download them.
    So don't upload files that contain potentially sensitive information/credentials.

    • @SuperSohaizai 3 years ago +40

      Yeah I almost did something similar, so I'm going to push this up

    • @Hikari_Sakurai 3 years ago +119

      They should clearly state it as a warning message before uploading.

    • @amogus7 3 years ago +2

      They get hashed??

    • @V1c7ori0us 3 years ago +9

      @amogus7 The full file can be downloaded from the API

    • @lolitaras22 3 years ago +49

      @Hikari_Sakurai "By submitting data below, you are agreeing to our Terms of Service and Privacy Policy, and to the sharing of your Sample submission with the security community. Please do not submit any personal information; VirusTotal is not responsible for the contents of your submission. Learn more." That's the first thing you read when entering the site, what else can they do?

  • @Revan-kq7ih 3 years ago +120

    Just registered at Intezer. I have to say I am impressed by its capabilities. This does give me a much better feeling when using community fixes to ancient games that don't run on Windows 10 otherwise. I only wish they would offer the upload of bigger file sizes with the free version, even if one were only able to upload one big file a month. The installers for some mods tend to be multiple gigabytes in size.

    • @maestreiluminati87 2 years ago

      @Unknown_Genius you just have to find the right community, others will usually do scans and scan each file uploaded in their domain but one can never be too careful

    • @Klara988 2 years ago +2

      Yeah, somehow I just have a bad feeling about the mod community; even if it is trustworthy there can still be a bad guy among them, right? I use Bitdefender as an AV, right now I am safe but still have a bad feeling about mods on my PC anyway (I download mods from Nexus and the Steam community. I always hate game devs that don't fix bugs because I have to download a fixed patch from a modder (who is a stranger) instead 😞)

    • @NightmareRex6 2 years ago

      @Klara988 It's possible, yes. More likely what I think is to happen is, say, one of the modders themselves is infected and doesn't know, and it spreads to the file when it's their turn to work on it. Although sites like Nexus Mods seem to do a virus scan, I'm not sure how good it is.

  • @terrylandess6072 2 years ago +9

    I remember becoming infected with Malware quite a while back. Using some of these techniques I began eliminating certain files with a specific date. When my system failed to restart and the BIOS(?) gave me missing file names, I was luckily able to find, copy to 3.5" disk, and transfer to the affected system these missing files (which I had deleted). Eventually I was able to get my system running. I made a copy of all the files I wanted to save, and then reformatted the system and reinstalled Windows. WHEW! You live and learn . . . . .

    • @terrylandess6072 2 years ago +3

      @apdkfjei Did the word 3.5" disk pass you by? They didn't have USB then, but thanks . . . .

  • @abitterberry2149 3 years ago +32

    A.K.A. What you should do if you waited for the tierlist to choose your AV.
    I really like this new content! Our ignorance of computer inner workings is the highest vulnerability so teaching us things like that is gold! thank you!

  • @gevelegian 2 years ago +31

    One of my best "antiviruses" is being very aware of my computer, most of the times I found viruses or rootkits just because my fans worked harder than I was used to.

    • @asteelcup859 2 years ago +12

      By the time you notice that it's already too late. Be proactive and *prevent!* A good antivirus (NOT Windows Defender) safe(r) browsing practices, oh - and change all your passwords right now! Who knows if you've had a snooper or keyloggers (those don't consume much resources at all).

  • @Sica1000 3 years ago +48

    you could zoom more to the programs, my eyes hurt.

    • @75hilmar a year ago

      Get a bigger phone 😂 just kidding

    • @tvviewer4500 months ago

      Your phone zooms

  • @AtlasVRC 2 years ago +35

    Would love to see something like this for phones, they are pretty much hand held computers with all kinds of sensitive data that needs protection.

    • @Josh_James76 2 years ago

      I agree

    • @nlx78 2 years ago +4

      Yeah, and barely proper AdBlock, having people accidentally click on a minuscule x to close it but actually open up a page that might install something. Thankfully, Russian hackers are kind of occupied now, one less problem.

  • @2rosaleen 3 years ago +26

    Followed the link, so sad it premieres right before I go to work. Excited to see this video though. I love this channel! ❤️ Yay~

    • @pcsecuritychannel  3 years ago +11

      You can join the discord anyway for future events. Mostly we plan on doing these during the weekends.

    • @2rosaleen 3 years ago

      @pcsecuritychannel I am part of the discord, I appreciate your response~

  • @alangrant5684 2 years ago +13

    A tip to share: Often look at your Tasks regardless. This will eventually make you very familiar with what should be there and what looks not right.

    • @kolbymonroe5569 2 years ago +1

      You know malware can inject into system processes. It's called a runtime exploit and this is used to bypass anti-viruses when running. Best way to find malware on your computer is to monitor network activity. It is much more effective than looking at processes.

    • @kolbymonroe5569 2 years ago +1

      runtime exploits are very common and are easy to code for someone who has some schooling.

    • @kolbymonroe5569 2 years ago

      @Unknown_Genius please speak English

    • @alangrant5684 2 years ago +4

      @kolbymonroe5569 Who says one can only do one or the other? Run all the anti-malware you want sure, so are you saying it's not worth also getting familiar with your running processes?? I gave a tip that you or anyone can take or leave, but I'm sharing it because it has served me well for over 40 years on computers so far. I can open up my Processes now and know right away what they are and which are new and look suspect. It's not definitive but it really does help.

    • @roguewasbanned4746 2 years ago

      Yeah that’s what I do. Any outright weird task will be spotted immediately

  • @d4rknyt 3 years ago +13

    Great idea for future videos. Very interested and looking forward to them! Thanks for the great content.

  • @itsme7570 2 years ago +3

    Keep this series going please!!!! Cyber sec student studying windows workstation RN and learning a lot from you

  • @itenthusiast5988 2 years ago +2

    Another great video. Have seen and read many videos and articles on this topic but yours seem crisp, content and straight to the point with clear explanations. Thank you

  • @courageousmelon5654 3 years ago +42

    Senior support engineer at a middle sized European university here:
    Step one is a bit useless. The standard user really is not gonna be able to distinguish the good from the bad, unless the process is named with "trojan" in it or something like that, which is of course highly unlikely.
    It will probably cause more concern, because the user will see a lot of "unknown" processes that are perfectly fine and necessary.

    • @mcasillasr 3 years ago +4

      So which step of this video is for "standard users"? I mean... this channel is focused on "technical users"

    • @alu9949 3 years ago +12

      @mcasillasr This video is supposed to be for beginners

    • @courageousmelon5654 3 years ago +3

      @mcasillasr Alu has already said it, but yes... this video is for beginners. It is literally said in the introduction...

    • @DFX2KX 3 years ago +1

      @PaulTietjens one of the very first things I do on a fresh system install is take a good long look through the processes. certain programs I straight-up know all of their process names (FAH_Core being one that comes to mind because I run fold@home, but there are several that spawn when you open various game-clients, too.)

    • @courageousmelon5654 2 years ago

      @Unknown_Genius Your Phone is literally the display name of the app... I don't see your point in this regard. It is the way it should be.

  • @malwaretestingfan 3 years ago +44

    Very interesting video, Leo. Sysinternals AutoRun and Process Explorer are also very helpful.

    • @emiyakiritsugu6329 3 years ago

      What r those if I may ask, kind sir~
      Something delicious to eat 😋

    • @emiyakiritsugu6329 2 years ago

      @shinjironaosuke7920 Ara Ara~ may I step on you, darling…

  • @WirableCrown1 2 years ago +6

    My FBI agent and I really enjoyed this video, thanks mate!!

  • @alipetuniashow 3 years ago +18

    Love these tutorials

  • @martinchocoo 10 months ago

    I love you The PC Security Channel, please never go away

  • @chrisking2196 3 years ago +31

    Great work Leo as always. Question: I also check network activity and traffic as a means to check data transferring. I know this was a basic intro into Digital Forensics but this could also be used as another tool in the toolbox to detect malicious activity? Thanks

    • @leovonpoozle9990 3 years ago +1

      thanx?

    • @user-zp5yu6pg6r 3 years ago +2

      Process Hacker 2 does this. If something is sus, block it with a Firewall and test whether it's working

    • @NightShooter87 2 years ago

      This isn't Digital Forensics. It's Cyber Security. The chap who is doing this, has got mixed up. DF deals with criminals using triage, hard drive analytics etc etc.

  • @bobbyb42 3 years ago +2

    I'm so excited for this series. It's just what I've been looking for

  • @fistpunder 2 years ago +3

    I like the way your taskbar icons are centered.
    could you show how that is done?

    • @frikinmaya4301 2 years ago +1

      i believe that is the default layout on windows 11

  • @merlina9559 2 years ago +11

    Malwares can be "Stealth", meaning that if you run Task Manager the malware will stop until you close task manager. Any idea how to get rid of that?

    • @srimanproductions8396 2 years ago +5

      using resmon in run is another alternative but takes a while to master

    • @kr-sd3ni 2 years ago +8

      well, always open task manager, malware doesn't work *taps head*

    • @eeurr1306 2 years ago

      @srimanproductions8396 What does using resmon in run mean?

    • @grandtheftautoexpert2040 a year ago

      @eeurr1306 You use the resource monitor, and each tab has a set of processes related to the tab e.g. disk tab process with disk usage. Though it's less readable than the task manager, which is why he said it takes a while to master

  • @Calisota 2 years ago +1

    1:55 "Restart your computer - turn it off and on again" I wanna budge in there real quick because that's not how this works. Windows 10 and 11 both don't shut down if you shut down the PC or press the power button on your case. They go in deep sleep. They page all RAM and go into hibernation until you press the power button again.
    A real reset happens if you RESTART the machine. That's why drivers and Windows ask for a RESTART and not a shutdown. If you would just calmly shut down and reboot, you'd end up with mostly the same services running again.

    • @davidfishwick5573 2 years ago

      That's true. I found that out when I disabled a service in the registry (it was greyed out in services), yet despite the fact that in services the service now said "Disabled", it was still running! Even though I'd turned the machine off and on more than twice! Only when I did a restart did it disable, and finally stop launching fully.

  • @stoexposure428 3 years ago +2

    Thank you for posting this video. This has helped me a lot. Have a great 2022 New Year!!!

  • @stevemury2348 a year ago

    The service that you provide humanity Deserves more recognition

  • @davidwildermuth6796 a year ago

    Great Video. Look forward to gaining more knowledge from this Channel

  • @pcsecuritychannel  3 years ago +9

    There will be a live discord workshop on Discord right after this video premieres! Join here: discord.com/invite/nxCtSMaP?event=925373517367742496

    • @fede6991 3 years ago

      ok

    • @_BangDroid_ 3 years ago

      Discord wants my mobile number to join, never had that request before

  • @dot32 3 years ago +1

    kinda wild that i've actually walked on the bridge in your desktop wallpaper

  • @elmergardner 3 years ago +13

    Minor suggestion, the text is difficult to read, you should lower the display resolution when recording these videos

  • @gautampatel8540 3 years ago +2

    Fabulous, Helpful & Informative🔥🔥

  • @johnnymiller3793 3 years ago +7

    Excellent stuff, as a previous I.T. person this video has helped me review over some stuff I have forgotten about just in these past few minutes. Well drawn out and put together.

  • @dylanh333 3 years ago

    Just a random observation: your wallpaper is the Elizabeth Quay pedestrian bridge from the city where I live, Perth!

  • @oldrockgeeser9426 2 years ago +4

    Doesn't anyone ever wonder why the more we get protected the more we need protection? After millions of security updates and many many protection programs, VPN and so on, every day we hear that we need to protect ourselves more and more, seems we need to ask questions as to why?

    • @jonny6702 2 years ago +4

      Because things are constantly changing. Each component has other components that it depends on. A part of Windows might update, and include updated dependencies, and one of those dependencies could have added a new feature. One small oversight in any part of the chain and a new vulnerability is introduced.
      An application may depend on 100 different libraries, and each of those libraries could depend on another library to function. You end up with tons of links in the chain and if one of those links has a vulnerability, it can be exploited by bad actors.
      Nothing will EVER be 100% secure. Never. There will always be vulnerabilities being introduced and patched in a cycle. It's impossible to have the foresight to know that your code can never be exploited. The battle will go on forever, and it only gets more complex. There could be thousands of untapped vulnerabilities in the software on your PC, just waiting to be discovered. Sometimes, vulnerabilities are found in decade old software/libraries. The issue was always there, it's just nobody had found it yet.

    • @kaldemvor 2 years ago

      The more complicated technology and programs become, the easier they get to disrupt.

    • @lordfatcock a year ago

      The people creating the malware are constantly having to improve. So the market is pretty crowded which means developers are gonna go above and beyond to be better. A good example is the cold war or just any arms race. Plus they work 24/7 on finding exploits, the same goes for white hats who are also looking to find those exploits first and close them. Luckily platforms offer cash rewards to find these exploits thus the war goes on.

  • @Unlmtdprogress a year ago

    Thank you so much. I often get real weird wifi connectivity/disconnects at times or my laptop will suddenly start running the fans really fast and it will at the same time slow down everything.. and it happens in weird cycles-- and I'm not sure if that's normal, so I thought maybe I was being hacked.. This video and software help quite a bit. Idk if you mentioned the PID thing in task manager but I think that's important too

  • @CoolJosh3k 3 years ago +2

    Text on screen is really small. Even at 1080p in full screen it is hard to read.

  • @NhoyBarangay 3 years ago +1

    I usually do basic cross reference from Task Manager and netstat -no on the command prompt.
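
Added example, not part of the comment above or of the video: one way to script the cross-reference it describes, assuming the Task Manager side is captured as text with `tasklist /fo csv`. The sample outputs, addresses and PIDs are constructed.

```python
import csv
import io
import ipaddress

# Constructed sample of `netstat -no` output; remote addresses come from
# documentation ranges and every PID is made up.
NETSTAT_SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    127.0.0.1:49670        127.0.0.1:5354         ESTABLISHED     3100
  TCP    192.168.1.20:49712     203.0.113.45:443       ESTABLISHED     4312
  TCP    192.168.1.20:49713     198.51.100.7:8080      ESTABLISHED     7788
  TCP    192.168.1.20:49720     192.168.1.1:445        ESTABLISHED     4
  TCP    192.168.1.20:49731     203.0.113.45:443       TIME_WAIT       0
  TCP    [::1]:49690            [::1]:49691            ESTABLISHED     3100
"""

# Constructed sample of `tasklist /fo csv` output (assumption: used here as a
# text stand-in for Task Manager's Details tab, which shows the same PIDs).
TASKLIST_SAMPLE = '''
"Image Name","PID","Session Name","Session#","Mem Usage"
"System","4","Services","0","148 K"
"mDNSResponder.exe","3100","Services","0","5,120 K"
"chrome.exe","4312","Console","1","210,332 K"
'''

# RFC 1918 ranges, treated as "local network" for this triage.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_netstat(text):
    """Return the TCP rows of `netstat -no` output as dicts."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        # Data rows have exactly five columns; headers and blanks do not.
        if len(parts) != 5 or parts[0] != "TCP" or not parts[4].isdigit():
            continue
        host, _, port = parts[2].rpartition(":")
        if not port.isdigit():
            continue
        rows.append({
            "remote_host": host.strip("[]"),  # IPv6 is printed as [addr]:port
            "remote_port": int(port),
            "state": parts[3],
            "pid": int(parts[4]),
        })
    return rows


def parse_tasklist(text):
    """Map PID -> image name from `tasklist /fo csv` output."""
    reader = csv.DictReader(io.StringIO(text.strip()))
    return {int(row["PID"]): row["Image Name"] for row in reader}


def is_external(host):
    """True when the address is neither this host nor the local network."""
    ip = ipaddress.ip_address(host.split("%")[0])  # drop any IPv6 zone id
    if ip.is_loopback or ip.is_link_local:
        return False
    return not any(ip in net for net in PRIVATE_NETS)


def cross_reference(connections, processes):
    """List established external connections with their owning process."""
    findings = []
    for conn in connections:
        if conn["state"] != "ESTABLISHED" or not is_external(conn["remote_host"]):
            continue
        image = processes.get(conn["pid"])
        findings.append({
            "pid": conn["pid"],
            "image": image or "<not in process list>",
            "remote": f'{conn["remote_host"]}:{conn["remote_port"]}',
            # A PID missing from the process list may only mean the process
            # exited between the two captures; it is a prompt to look closer.
            "orphan": image is None,
        })
    return findings


if __name__ == "__main__":
    procs = parse_tasklist(TASKLIST_SAMPLE)
    for f in cross_reference(parse_netstat(NETSTAT_SAMPLE), procs):
        note = "  <-- no matching process" if f["orphan"] else ""
        print(f'{f["pid"]:>6}  {f["image"]:<24} {f["remote"]}{note}')
```
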

  • @bledlbledlbledl 3 years ago

    The title of the video reminds me of some of the banner-ads I used to see (haven't recently):
    "Is your PC infected with stealthware? Download our special detection utility to find out, and get rid of the viruses" :P

  • @kibagami25 3 years ago +3

    great video please make more and also make some of these videos for people that have been in tech for a while.

  • @csparty11 3 years ago +14

    What should I say about this, most people won't notice malware until they get some problems. But if the malware is intelligent it won't show itself and just steal your information or whatever it's supposed to do. It will hook itself into a Windows system file or some popular program file, and uploading this file to a website will only show that a part of the file has been encrypted. Obviously most of that blob will contain the malicious code. Windows Defender or any other scanner won't ever find it. If you're lucky you might see some suspicious traffic but that all depends. All the methods shown so far won't reveal this kind of malware. So I hope you have something better coming up.

    • @Anthony-kj3xw 3 years ago +1

      There's a saying "Malware can hide but it must run". Everything will unencrypt itself to run in memory, by then hopefully AV can flag something. For really advanced threats, it's gonna be more about noticing abnormal behavior and execution. But this is good and relevant stuff for intro.

  • @jamiedias 2 years ago +2

    would love to see more videos on this topic including taking memory dumps and reverse engineering etc.

  • @Morpheus776 3 years ago

    ok you showed where the places are to look for suspicious stuff but I still don't know what suspicious stuff looks like

  • @BsktImp 3 years ago +3

    Will you also cover port scanning?

  • @highevo 2 years ago +1

    I have this process called Sink to receive asynchronous callbacks for WMI client application and it has incredibly high memory. More than CHROME. Should I be worried this is always running?

  • @Im_DJ 3 years ago +2

    Please make a video on how to set up antivirus on PC, you can start from Kaspersky, both free and paid. Please

  • @BustedknucklesProspecting 2 years ago

    How do I recover my Facebook business page that was hacked?
    The hackers removed me from admin on my own page.
    I need help desperately

  • @dipaksinha3669 3 years ago +1

    Leo hasn't done any K7 nor Quick Heal test... pls do a video on those 2 products... thanks in advance

  • @IIlIIlIIlII 3 years ago +6

    Off topic but I'm curious as to why are you using Camtasia to record videos instead of let's say OBS or Shadowplay? I'm just curious. Good video as always!

    • @whocares7078 3 years ago

      OBS is trash, That’s about all you really need to know
      I’ll leave the actual detailed reason out
      As there’s many lol

    • @IIlIIlIIlII 3 years ago +8

      @whocares7078 Is it actually trash or you just don't know how to use it? Been my Shadowplay replacement for the past 6 years.

    • @hexogenic983 3 years ago +15

      @IIlIIlIIlII
      He quite literally did the
      "It's bad, just trust me bro"
      No explanation no nothing. Nice

    • @KRAVER_ 3 years ago +3

      OBS is great "IF" you know how to use it

    • @ghost-user559 3 years ago

      Is there any way to screen record natively from within Windows using a built in tool?

  • @freeideas 3 years ago +2

    OMG this would be a giant project! If ever in doubt, I will just copy my (non-executable) documents off and wipe the HD clean. Actually, I already keep such documents backed up, so I can just skip to the wipe. :)

  • @userou-ig1ze 3 years ago +3

    would a simple pi-hole be sufficient to capture potential c2 servers, and how would we identify them? Or is it mandatory for the malware to keep track of dynamic DNS, and therefore it's traceable?

    • @keepanopenmindlookatallthe2540 3 years ago +2

      I've found that using pfSense as a virtual firewall and web proxy catches a lot of malware
      It does take some configuration though

  • @SylphidUndine 3 years ago +1

    i immediately recognise the elizabeth quay bridge

  • @joelanzo 3 months ago

    What about Process injection where malware could replace a legitimate Process?

  • @moh.hamoda 2 years ago

    Great video.. keep running

  • @JimCKD 3 years ago +3

    That's a very good vid, or better a very good series of vids, as it seems. Are u planning to do vids about other OS, like MacOS and Android? I think that would have been interesting, too. Anyway, thumbs up for your always useful vids! 💯

  • @acengland82 a year ago

    Is there software that runs in the background that can do/monitor all this (or close to it)? Or does something like Kaspersky do it already?

  • @imbuidoneillloydl.7997 3 years ago

    and also check for task scheduler if there's malicious task and check for startup

  • @OthmanAlikhan 3 years ago +1

    Thanks for the video =)

  • @TheHarway 3 years ago +7

    Had a bitcoin miner and didn't even know! thank you so much!

    • @CYNC33 3 years ago +3

      YouTube seems to enjoy deleting my comments about this. Just please thoroughly check your computer. Could be more than you think.

  • @keppela1 2 years ago

    Had to stop a third of the way through - I have Win 7 and it doesn't show a startup tab in task manager.

  • @deephish 2 years ago +2

    This is a bit basic, most hackers are much more advanced than this. They will install a DLL which is hooked by a system process, running every time something such as the explorer shell is opened. It will never show up in the task manager because it is a subprocess.

    • @Reason_over_Dogma 2 years ago +1

      This is a beginner's video, my guy. It's meant as an introduction

  • @karlwalker1771 2 years ago

    This Is Better Than A murder Mystery :)

  • @hul8376 3 years ago +1

    Great video!

  • @wurf5336 a year ago

    awesome video! :)

  • @-GameHacKeR- 3 years ago +3

    can't wait for the ZoneAlarm Free Antivirus vs Kaspersky test to see if they behave the same since ZoneAlarm uses Kaspersky ... Doesn't it?

    • @GainingDespair 3 years ago

      They do use Kaspersky for signatures, most modern day solutions use multiple means to determine if a file is malicious. Signatures is just a list of known malicious software, it isn't capable of determining if a file is malicious if it's not on the list.
      Signatures are half the battle, really a second line of defense, it's proprietary software which is the front line. ZoneAlarm has their own, they do not use Kaspersky for this, just the signatures. Signatures do help speed up scans, and they are handy to have for sure, but signatures mean absolutely nothing at all the first time malware is encountered (zero day), as Kaspersky will have no signature for it.
      This then falls on their proprietary software to determine if it is safe or not, but once Kaspersky has determined if it is safe or not the signature is added to their list.

    • @castlerock7423 2 years ago

      ZoneAlarm is ok if you use its firewall or if it comes with it, but Kaspersky has always had exploits in it from what I've gathered.

  • @bartdaw6681 3 years ago

    I have a Lenovo laptop and every time I get a bios update from Lenovo the laptop slows and becomes choppy for a week, it has been that way since I bought it new.

  • @brownlife03 2 years ago

    Alright going to check it out later today my laptop & desktop all in one been acting suspicious

  • @bruuhbruuh8122 2 years ago

    I got a question: can you check big files before installing them? There are files VirusTotal can't scan due to max size.

  • @scarecrow9307 a year ago

    even if my pc is hacked. will it help if I reinstall windows deleting everything from my drives?

  • @Jason-zh7wo 2 years ago

    Great info thanks 👍

  • @madero-jb5ri 2 years ago

    I have another question. How do you make your windows taskbar look like that...😲😲😲

  • @technicallyme 3 years ago +1

    Is Windows 11 safer or the same as 10? And is the Mac M1 chip safer than Intel chips?

  • @carl9235 3 years ago +2

    Could this be used to boost performance on your pc?
    For example, disabling discord/steam/epic/chrome/edge/oneNote

  • @usamac4108 2 years ago

    Looks like the Discord link has expired.. Will anyone provide an updated invite link to the server? Or was that a temporary server for the workshop alone?

  • @DarkGT 3 years ago

    How would you tell on Linux or Mac? What if it is masked like a regular service or program?

    • @DFX2KX 3 years ago +1

      The equivalent on Linux is 'ps' in the terminal if memory serves. Linux (and Mac, they're both UNIX-based) work differently, so you've got less to worry about, but there are some things to look for.
      You can go into your list of repositories (what that's called varies by distribution, think Mint calls it Software Sources? something like that, haven't touched it in months) and look for anything that's suspicious.
      You can run ps and go looking around. lspci and looking for loaded modules in GRUB can be another place to have a peek. But since it's trickier to get malware onto a Unix based system in the first place, most Linux malware tends to be pretty well hidden overall and will require a certain level of expertise (or booting into a liveCD to have a look at the drive that way) to track down.

    • @DarkGT 3 years ago

      @DFX2KX Very good explanation. Thanks a lot!

  • @kevinhadinata6406 2 years ago

    I wonder, if we install malicious files from a website with Windows device encryption/BitLocker on, can a hacker still pass the BitLocker?

  • @dpro369 2 years ago

    How do you know when your PC is hacked? It's when Indian call center calls you !

  • @JohnDoe-bq5oo 3 years ago

    good series idea , def make more!

  • @mirroredchaos 3 years ago +1

    I wonder if there is a way to do this on a mobile device.
    a lot of anti malware programs just scan apps and spare files but they don't dig any deeper.

    • @taupi5246 3 years ago +1

      You'd need Root access for that unfortunately. It's really hard to access an exhaustive task manager on mobile.
      On the flip side it also means it's very hard for mobile malwares to actually need root access to be detected and removed. Most mobile malware come embedded into some apps, which are installed through user permissions and cannot be hidden.

    • @malwaretestingfan 3 years ago

      @taupi5246 Actually, Dr. Web for Android scans also system files without necessarily needing root access, it found a malware like Triada hidden in my phone. If anything, root access is needed to remove them (and, at least in my case, flashing the phone with another firmware).

  • @LemonFalls 3 years ago +2

    Great video. I think you could go even further and check packet activity through a packet sniffer.

  • @Biggarou 3 years ago +4

    Moral of this story is, stay off of janky sites.

  • @AviatingRandom 3 years ago +1

    What AV do you use?

  • @k1llerwafflez821 2 years ago

    So I'm rly scared bc for some reason there have been multiple unknown devices connected to my wifi and I don't know what to do..

  • @thirien59 3 years ago +1

    What about rootkits? Can they really compromise a Windows system?

    • @chris-pw5ck 3 years ago

      @VioFax *paranoia kicks in*

  • @epicmodz1546 2 years ago

    great video, I do need some help as something is stealing my passwords as I am getting log in requests from all over the world and password changes. The discord link is not working and need the workshop help please.

  • @sdfffdsf3t 2 years ago

    I’ve seen some more advanced malware which terminates itself when task manager is open

  • @aderitosilvachannel 2 years ago +4

    This is useful, but it's too basic. Any "decent" malware will have some kind of survival mechanism, that re-registers itself on the system and prevents basic things like these.

  • @spartanbhagwa7066 3 years ago +1

    Can anyone help me please, I am facing a big problem with my wifi, when I run a game my wifi is disconnected and when I try to reconnect it says "can't connect to this network", I have tried everything including updating drivers, reinstalling the network adapter, network reset, etc. It only happens when I play games, please any help is appreciated.

    • @doomsday7699 2 years ago

      Found a solution?

    • @spartanbhagwa7066 2 years ago +1

      @doomsday7699 I found out that Microsoft's games were causing this problem, had to uninstall them games and reinstall the network adapter drivers.

    • @doomsday7699 2 years ago +1

      @spartanbhagwa7066 ah I see. Thanks!

  • @Master777with69 3 years ago

    Q. Hey is there any website like virus total which enables us to scan huge sized games/apps?

  • @lsj624 3 years ago

    Where do I look on a linux Mint system for these issues?

  • @chesshooligan1282 a year ago

    I have an entry in Autoruns called totally-not-a-virus.exe. Should I delete that?

  • @Jon6429 2 years ago

    Good video but don't forget the router as not every hacker wants to get inside your PC. Some just want free untraceable Internet access. So if your WiFi password is only eight characters long and is the same one that came installed by default, then you might want to change it... along with the internal Admin Password. Occasionally you'll also come across folk still using the WEP encryption settings, it's getting rarer thankfully but it still happens. Be kind to them.

  • @narendrapanse7844 3 years ago

    Bless you, lad!

  • @CameroniMusic 3 years ago +2

    Someone I was friends with on discord got hacked and sent me a virus, could I send it to you to look at it?

    • @xMicrostar 3 years ago +3

      Just don't download it lol

  • @matthewaislabie7354 2 years ago

    Are you from Perth ?

  • @GorillazMach1 3 years ago

    You should do a video about different task managers. Like anvir task manager. Etc

  • @jackcrowder9830 3 years ago

    Thanks this is a great check list

  • @meethamin427 2 years ago

    hello sir i have a serious issue pls reply!!!
    my window quick scan is stuck
    My task manager is collapsing as soon as i open it
    and the when i did cleanmgr >>c drive>>delete file>> it also collapsed
    pls sir reply and let me know anything if i can do

  • @donaldnaber7546 2 years ago

    CTRL-Shift-Esc doesn't work on my PC but I use Arch Linux...

  • @josephjamessr3375 2 years ago

    Can you provide a link to system internal because when I try to go to the website it wants download a Firefox extension and redirect me to a different site then system internal.

  • @AliYar-Khan 2 years ago

    All my files in PC are converted to voom file ... How I can retrieve my data

  • @xXHellFighter13Xx 2 years ago

    Discord link please the one in description is expired