The video is not complete. I always recommend checking the following: - Task Manager - Netstat - shell:startup - shell:commonstartup (missing) - registry HKCU run - registry HKLM run (missing) - task scheduler (missing) - registry wininit (missing)
he also missed dll locations for checking if dlls where hijacked and registry ms-settings\shell\open\command for uac bypass with fodhelper and installed drivers
@@Wisxpee just use antivirus and check files better, linux is hard in a lot of moments for the average user (playing games, using windows software, finding drivers and many more)
This was a great video. One note is to explain what the options do within the command so that can be demystified to a typical user. Will be using this vid as reference fr
Thank you so much, Sometimes in my pc cmd appears and disappears my mouse freezes and i see your video i saw startup programs method i checked taskmanager and i see double salih (user name) i used shell:startup and i see an app named fluxus 1.2v (an roblox exploit) i was opened it this like 5-6 day before now i know who is this i deleted and another salih (user) in task manager disappeared and after i delete it Windows defender is detected too. (in trashcan) Maybe you saved my life the hacker can steal my infos etc (sorry for bad english)
The way you showed to get rid of a dll based malware is kinda useless due to most malware using manual mapping injectors and avoiding using loadlibrary because its easy to trace but good vidoe ❤
Yoooo. I'm from the Philippines! Just as you uploaded your video, I saw it right away. I’ve been watching your videos for a long time. Keep it up, dude.
Hey ebola man! I really love your content all the way to the fact I have started a new channel! I really love your content and it has inspired me so much!! Thank you for being such a good inspiration!
my mouse sometimes moves to a corner randomly, and the command prompt sometimes opens up for a milisecond, but it has happened less than it used to, the weird part is that it’s new, i bought it a few months ago from a trusted store. my ram is also usually at 10gb with only discord and opera gx open.
Reinstall the system from an official iso installed from another PC, I don't think it's worth trying to delete the malware, some of them multiply in the directories, you could delete one, deactivate them but there is always a risk that they remain.
steamrip is a lot faster and safer than steamunlocked AFAIK/FWIH. Only thing you typically have to worry about is false positives flagged by your antivirus, and maybe ads although it shouldn't be much of a problem if you run an adblocker. You can typically run everything through virustotal if you want to be sure.
Steamrip *should* be a lot safer and faster as far as I know, or from what I've heard anyway. Only things you have to worry about are "FP" & "Adds" | Although "Adds" shouldn't really be much of a problem if you have an "addblocker". However you can typically run everything through "VT" if you want to be safe/be sure
Thank you for this video I learned a lot, i was actually hacked through steam once. I tried to contact steam support to get my account, it was hacked through someone who shared me a link in steam so people better be careful who are sharing links and be always suspicious. I actually learned from that and when i got attacked a 2nd time yeah dude not this time. I straight up reported to steam.
i think i never got any viruses from steamunlock at the time, but the last time i needed to reset my windows and there was still some files but nothing was happening anymore, one time i got every single thing hacked, google account and so everything else, it was for data breaches (not steamunlock), not sure if i ever got a virus for steamunlock, but im happy i managed to get basically everything important back in like a week, they was uploading porn fishing promo videos on my youtube, crypto spam on my twitter and a lot more, to this day all of my emails have been pwned
Good video. Fortunately I am clean based on this video but I had to uninstall AVG as I was getting this prompt about " Your pc needs to retart in 1 minute" I had to disable all startups and realised after a few tweeks that AVG was the culprit, somehow. After I uninstall it the issue went.
this was actually helpful , i had k-lite codec pack and apparantly it was connected too something odd in there good catch. i dont see it anymore so and the others are just common microsoft gaming platform names. I dont really torrent anymore so.
One method they use to infect your PC is with a pop up on a questionable website - "Your Computer is Infected with a Virus" in a scary big popup usually in red. The uninformed will click on it which plants the first malware code on the PC. Then that malware invites other viruses, malware and trojans to the party. One time a friend brought me his wife's laptop which was massively infested with over 80 viruses and malwares. I tried to remove all but in the end I suggested a clean re-install since there was no critical data on the hard drive. She invited the first malware by clicking on a Facebook banner ad.
The scarier ones is when the hacker makes a hidden user and utilizing its own VM through powershell rce whike you are logged on active so they can do literally anything
Pretty much everything you said at 7:54 happens to me, clean installed windows multiple times, flashed motherboard and ssd partitions but they keep coming back... idk how and didnt find nobody yet xpd enough to help me. If somebody wants to end this bullying please let me know. PS: Im a gamer and they are just sabotaging my aim or other stuff in every game i try to play, got alot of video evidence of it too.
Yo ebola I have a problem, I can see theres a virus in my startup on task manager but it wont let me go to the file location to delete it, any ideas to help?
yo i think im actually hacker because my command prompt looks different than yours and i see random things pop up for a split second could u maybe help me with it becasue i have no clue if its normal or not
hey im trying to that find search but i cant get the straight line down on the cmd. How did you do that? I tried doing the find "5500" without it and a bunch of things pop that just give me info on what -a or -b commands do.
I have the same thing on my pc rn 6:04 and I disabled it from the startup but I cant open the file location. Could you help me delete it? Or maybe inspect it so I see whats going on?
Sometimes black screen is not a hack but Microsoft claiming no license key. There is a fix for that which can be done by using a Tamagotchi. If you knew the meaning too the codeword you would know what I am talking about.
Im chillin with 10 malwares in my computer "i swear im not joking an msg poped up saying Iin the title Synapse: Your computer has been Comprimized" 😭😭😭😭
i have only 1 chrome opened and in cmd it shows a few with diffrent ips, also sometimes in my youtube history i see videos appear that i havent watched and in audio setting there is extra chrome in mixer and it plays sounds but its muted, how do i fix it
wait my pc's wallpaper keeps changing to black but only when its been turned off for a while, is that bad? and also on startup sometimes the cmd keeps poping up for a few seconds im going to assume thats bad or its just some other regular program doing it
by the way, you forgot one thing theres another folder which opens at startup for all users. Its at: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
i was playing a game when i noticed my mouse was moving randomly even when i dont move it so that's why i checked this video and when i opened that thing for the startup programs i also had that thing that was just "program". i disabled it but idk if that's enough and idk if my pc is even hacked but i'd appreciate any help
I have a question bout sum. So basically they turned an organization thing so there are somethings in settings i cant turn on or off and they disabled task manager. How do i undo that
Now, how do we troubleshoot it thats the big boy problem cuz they sometimes have abilities to like delete this thing that makes it so you can't reset pc
when i turn on my laptop it shows a couple of cmds poping up for a split second and when i play any game my laptop just freezes and i have to restart it from the button idk if the freeze is because of the cmds
that's nice and all but if I dont know what im looking for. If i dont know what sketchy is then im still screwed. know what i mean? So who is this video for?
Wait… I see my background become a black screen and I see the cmd window popup for the split second 😩, but I see my cmd window popup randomly and multiple times 🤔
@ebolaman_ I checked and with the first thing you did in the video, I see stuff like Radeon and cryptsvc. But when I first turn my PC on, I see more stuff. I saw one said 5357
Would be a great video if you had a donor PC that was infected/hacked or such. Then... actually perform these commands to show how it actually happens and works. Sorry, I have not combed through you videos to find a video of this yet. If you have. If you haven't, I highly suggest it. Would rack up a ton of views.
yes black screen , my mouse was not there and it suddenly at the other corner? I still cannot detect the keylogger , please help . tired reset windows daily
Still remember when my diacord got hacked and i was talking to the hacker through my friends dms he saw everything thankfully he was a real one and never switched anything like passwords etc
The video is not complete. I always recommend checking the following:
- Task Manager
- Netstat
- shell:startup
- shell:commonstartup (missing)
- registry HKCU run
- registry HKLM run (missing)
- task scheduler (missing)
- registry wininit (missing)
very good comment, just a small improvment: its "shell:common startup" with the space
For all of these (except netstat), you can use AutoRuns to see any startup tasks, netstat doesen't matter much after you restart.
@@fab3f ty
he also missed dll locations for checking if dlls where hijacked and registry ms-settings\shell\open\command for uac bypass with fodhelper and installed drivers
also ebola man did the HKLM run, not HKCU
the dude who ratted my computer watching me watch this:
facts lol
@@LGN.420 dox him if his dumbass used something like nc
You have a new friend lol
@@SpaceTechChan me to but I’m on my phone I might have to switch to Linux so my dumbass can’t get ratted every other month
@@Wisxpee just use antivirus and check files better, linux is hard in a lot of moments for the average user (playing games, using windows software, finding drivers and many more)
"EBOLA IS BACK!!"
"ebola is back😨"
This was a great video. One note is to explain what the options do within the command so that can be demystified to a typical user. Will be using this vid as reference fr
oh man, you've grown. I remember watching your vids when you had a 1000 subs or so. damn. Keep up the good work big bro
😁
wake up, ebola man uploaded
Thanks for waking me up babe
@@NxVernxual np
@@Stratxgy. same Diddy I mean daddy
the person who ratted my pc didnt like this
lol
I have like 3 trojans tomorrow they are going through an extinction lvl event
@jedrzejczuprynski4601 how did it went?
Thank you so much for making this man, I'm gonna try doing all these check ups when I get to my computer
this guy is always just in time when i need helps
Thank you so much,
Sometimes in my pc cmd appears and disappears
my mouse freezes
and i see your video
i saw startup programs method
i checked taskmanager and i see double salih (user name) i used shell:startup and i see an app named fluxus 1.2v (an roblox exploit) i was opened it this like 5-6 day before now i know who is this i deleted and another salih (user) in task manager disappeared and after i delete it
Windows defender is detected too. (in trashcan)
Maybe you saved my life the hacker can steal my infos etc
(sorry for bad english)
😭🙏🙏
"zori vor bad englizh🤑🤑🤑"
The way you showed to get rid of a dll based malware is kinda useless due to most malware using manual mapping injectors and avoiding using loadlibrary because its easy to trace but good vidoe ❤
Or just good old dll proxying like I would
Also easy way to get urself in startup if u target some program everyone uses
Yoooo. I'm from the Philippines! Just as you uploaded your video, I saw it right away. I’ve been watching your videos for a long time. Keep it up, dude.
Hey ebola man! I really love your content all the way to the fact I have started a new channel! I really love your content and it has inspired me so much!! Thank you for being such a good inspiration!
keeping going bro on the road to 200k subscribers
💯
my mouse sometimes moves to a corner randomly, and the command prompt sometimes opens up for a milisecond, but it has happened less than it used to, the weird part is that it’s new, i bought it a few months ago from a trusted store. my ram is also usually at 10gb with only discord and opera gx open.
Reinstall the system from an official iso installed from another PC, I don't think it's worth trying to delete the malware, some of them multiply in the directories, you could delete one, deactivate them but there is always a risk that they remain.
This time it is really educational purpose
I had 8 trojans on my pc its time to stop going on steamunlocked
This what we receive for pirating😔 (i cant buy games)
steamrip is a lot faster and safer than steamunlocked AFAIK/FWIH. Only thing you typically have to worry about is false positives flagged by your antivirus, and maybe ads although it shouldn't be much of a problem if you run an adblocker. You can typically run everything through virustotal if you want to be sure.
Steamrip *should* be a lot safer and faster as far as I know, or from what I've heard anyway. Only things you have to worry about are "FP" & "Adds" | Although "Adds" shouldn't really be much of a problem if you have an "addblocker". However you can typically run everything through "VT" if you want to be safe/be sure
"FP" - False Positives. "VT" - Virus Total
Look up "VT in malicious protection" to see what it stands for. Same for "FP" Throwaway comment
Thank you for this video I learned a lot, i was actually hacked through steam once. I tried to contact steam support to get my account, it was hacked through someone who shared me a link in steam so people better be careful who are sharing links and be always suspicious. I actually learned from that and when i got attacked a 2nd time yeah dude not this time. I straight up reported to steam.
bro what is remote desktop companion and why is it established??? (nvm its just meta quest connecting to my vr)
this is what I get in return -
The requested operation requires elevation.
0:26 BRO HOW DID YOU KNOW 💀
i think i never got any viruses from steamunlock at the time, but the last time i needed to reset my windows and there was still some files but nothing was happening anymore, one time i got every single thing hacked, google account and so everything else, it was for data breaches (not steamunlock), not sure if i ever got a virus for steamunlock, but im happy i managed to get basically everything important back in like a week, they was uploading porn fishing promo videos on my youtube, crypto spam on my twitter and a lot more, to this day all of my emails have been pwned
Fr
guys... why do i have 30 different connections on port 80?
Good video. Fortunately I am clean based on this video but I had to uninstall AVG as I was getting this prompt about " Your pc needs to retart in 1 minute" I had to disable all startups and realised after a few tweeks that AVG was the culprit, somehow. After I uninstall it the issue went.
Hey, another one is in task scheduler it can also run CMD commands just like in task manager startup tab
The thumbnail had all normal windows processes on it, except the node thing thats on there, never seen that before.
this was actually helpful , i had k-lite codec pack and apparantly it was connected too something odd in there good catch. i dont see it anymore so and the others are just common microsoft gaming platform names. I dont really torrent anymore so.
so my old computer is 100% hacked in some way, it shows several of the bad signs and runs very slow, time to fix it
I have reoccurring nightmares that I have been hacked
real
me too
One method they use to infect your PC is with a pop up on a questionable website - "Your Computer is Infected with a Virus" in a scary big popup usually in red. The uninformed will click on it which plants the first malware code on the PC. Then that malware invites other viruses, malware and trojans to the party. One time a friend brought me his wife's laptop which was massively infested with over 80 viruses and malwares. I tried to remove all but in the end I suggested a clean re-install since there was no critical data on the hard drive. She invited the first malware by clicking on a Facebook banner ad.
crazy world Love watching whydna and just when you said it i realized i watched his video with you in it shi was good dawg
what if my computer has a RAT and i just start writing roblox smut fics until they leave me alone
That's when they nuke your PC 😂
new to coding and have any questions? feel free to ask here :)
Grandmaster skid just dropped new vid 🔥
where can i get program hacker big dawg? you're the only reason why im still alive tbh glad to see you're back
wakey wakey, Mr. Ebola is back!
CMD opens up on a fresh installation of Windows though.
ebola got that quacked adobe i see u homie
This actiualy helped a lot, thanks ❤
Younger me just rest the whole computer 🗿🗿🗿🗿
If I'm paranoid and want to reinstall, do I have to wipe ALL the drives?
depends on how paranoid you are and if you can rule out a drive or not
Thank you for this video, ebola man!
-nbf | find "3389"
'-nbf' is not recognized as an internal or external command,
operable program or batch file.
Sometimes my cursor starts moving and clicking on stuff I’m I cooked?
bro...
sell your house and go to another country
Call the exorcist pronto!
ebooola mannnn is baccccck 🤩🤩🤩🤩🥰😇
Also, some light programs open and close cmd on startup like steam
Ligit*
Ligit
legit :)
@@James-e4q3c try again?
The scarier ones is when the hacker makes a hidden user and utilizing its own VM through powershell rce whike you are logged on active so they can do literally anything
how do you detect these types?
Thank you very much for your videos there’s just excellent 👌 I will be studying all of the topics that you teach in your videos
i resetted my pc recently and always have it that my wallpaper goes to default and then to the animated one back ?
if ur using wallpaper engine thats normal
A windows 10 update in 2024 changed my wallpaper
I commented so I could get a reminder when I get a renewed laptop
Why you didn t upload a wifi tools?
Yo, have any advice on how to check for malware/hackers on Mac? Love the videos by the way keep it up 👍👍👍
Pretty much everything you said at 7:54 happens to me, clean installed windows multiple times, flashed motherboard and ssd partitions but they keep coming back... idk how and didnt find nobody yet xpd enough to help me. If somebody wants to end this bullying please let me know. PS: Im a gamer and they are just sabotaging my aim or other stuff in every game i try to play, got alot of video evidence of it too.
maybe a motherboard rat
Get a good anti virus product
does having program in your startup 100% mean anything?
Yo ebola I have a problem, I can see theres a virus in my startup on task manager but it wont let me go to the file location to delete it, any ideas to help?
same for me but how can i delete it? We need your help
ebola man
pls!!!
Get a good antivirus product
yo i think im actually hacker because my command prompt looks different than yours and i see random things pop up for a split second could u maybe help me with it becasue i have no clue if its normal or not
hey im trying to that find search but i cant get the straight line down on the cmd. How did you do that? I tried doing the find "5500" without it and a bunch of things pop that just give me info on what -a or -b commands do.
i love this man
I have the same thing on my pc rn 6:04 and I disabled it from the startup but I cant open the file location. Could you help me delete it? Or maybe inspect it so I see whats going on?
Sometimes black screen is not a hack but Microsoft claiming no license key. There is a fix for that which can be done by using a Tamagotchi. If you knew the meaning too the codeword you would know what I am talking about.
how do you know files are from a hacker when you see the full list?
2:04 sorry im slow. So should i stop 3389 and 5500
if they are running remote desktop services then yeah
Im chillin with 10 malwares in my computer "i swear im not joking an msg poped up saying Iin the title Synapse: Your computer has been Comprimized" 😭😭😭😭
Might just be scareware
@@fertileplanet7756 frfr
i have only 1 chrome opened and in cmd it shows a few with diffrent ips, also sometimes in my youtube history i see videos appear that i havent watched and in audio setting there is extra chrome in mixer and it plays sounds but its muted, how do i fix it
i see you got hacked.
I've used steam rip a lot, so everytime i pressed enter to verify each one It was sooo scary bro, but nothing on my computer
wait my pc's wallpaper keeps changing to black but only when its been turned off for a while, is that bad?
and also on startup sometimes the cmd keeps poping up for a few seconds im going to assume thats bad or its just some other regular program doing it
by the way, you forgot one thing theres another folder which opens at startup for all users. Its at: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
6:30
Hahah and ntkernrl registry malware few more registry malwRe
i was playing a game when i noticed my mouse was moving randomly even when i dont move it so that's why i checked this video and when i opened that thing for the startup programs i also had that thing that was just "program". i disabled it but idk if that's enough and idk if my pc is even hacked but i'd appreciate any help
MY command prompt pops up but with something saying it couldn't work but before i scanned with Malwarebytes it didn't, did i have malware???
I have a question bout sum. So basically they turned an organization thing so there are somethings in settings i cant turn on or off and they disabled task manager. How do i undo that
Now, how do we troubleshoot it thats the big boy problem cuz they sometimes have abilities to like delete this thing that makes it so you can't reset pc
when i turn on my laptop it shows a couple of cmds poping up for a split second and when i play any game my laptop just freezes and i have to restart it from the button idk if the freeze is because of the cmds
i deleted c:windows and my life is great now
Also, in my registry, theres no "Run" inside Current Version
that's nice and all but if I dont know what im looking for. If i dont know what sketchy is then im still screwed. know what i mean? So who is this video for?
Hey ebola, can u make a ip puller tut?
Wait… I see my background become a black screen and I see the cmd window popup for the split second 😩, but I see my cmd window popup randomly and multiple times 🤔
What about the taskbar randomly popping up for a split second? No cmd or powershell just taskbar. It doesnt happen that often though.
that’s a lil sus
@ebolaman_ I checked and with the first thing you did in the video, I see stuff like Radeon and cryptsvc. But when I first turn my PC on, I see more stuff. I saw one said 5357
@@Eqxu when you start your pc it's normal to see more ports and ips being used
Would be a great video if you had a donor PC that was infected/hacked or such. Then... actually perform these commands to show how it actually happens and works.
Sorry, I have not combed through you videos to find a video of this yet. If you have. If you haven't, I highly suggest it. Would rack up a ton of views.
when i try to search ports the cmd keeps searching and doesn't give me a result
plot twist: ebola gets ebola
5:05 i bet that specific dll dodges when you click unload
what windows do you have that you teach us about your education?
Last vid got deleted or idk it become private when i was watching
Thank you so much dude ❤
How do I remove a malware extension? I sadly got hacked !? Im not sure how I can find the policy for the extension
Yo what does like in the first one when i did the cmd thing and some of is written CLOSE_WAIT what does it mean?
idea for next video, how to code an malware in batch
Hey so when I do “5800” and “5900” I have like 25 establishs
im still kinda new to hacking but is there a way to make a file not popup as a virus?
call me a skid if u want, but it would be helpful if any of yall could help or teach me
obfuscation, crypting, theres a lot u can do. I teach a lot on www.skool.com/anonymous2
What If there is process migration involved will I still be able to identify the virus?
yes black screen , my mouse was not there and it suddenly at the other corner? I still cannot detect the keylogger , please help . tired reset windows daily
Still remember when my diacord got hacked and i was talking to the hacker through my friends dms he saw everything thankfully he was a real one and never switched anything like passwords etc
What music was in the background
i have a terrible trojan virus that no matter what i do i cant get rid of it. Is there anyway to keep my apps and do a full windows reinstall?
why is my heart beating hard after starting the vid???
hey a CMD windows sometimes pops up when i startup can i get some help
Tysm man I appreciate it w vid
imma do this weekly for now
what happens if u find 2 different TCP's with the command ( netstat -nbf | find "5900" ) ?
like what does it mean? cause i ran the command and i got 2 TCP's while ebola man got none
that’s the vnc port 😭
@ 😭shi man i’m stupid , ty tho i was worried