How to Check if your PC is Hacked
HTML-код
- Опубликовано: 18 сен 2024
- How to Check if your PC is Hacked
Official Discord Server - / discord
Learn Reverse Engineering - skool.com/eric...
In this video I show how you can check if your computer has been hacked, for example if the system has a remote access trojan (RAT), or infostealer and how you can recover. If you have a persistent infostealer, or RAT it's usually easier to reinstall than any other method, if it was not persistent, focus straight away on resetting all of your sessions and passwords.
In addition, having 2 factor authentication is helpful, but it doesn't guarantee security when dealing with malware. Infostealers can steal the chrome cookies in addition to the passwords which usually is enough to login to a google account without 2 factor authentication.
Tools Used:
learn.microsof...
www.microsoft.... (Windows 11 Media Creation Tool)
www.microsoft.... (Windows 10 Media Creation Tool)
Remove Google Account Access: support.google...
Follow me on X - / atericparker
(C) Eric Parker 2024
When I started the video, suddenly a notepad popped up, and it wrote: "nah, you´re good. No need to watch this"
😅😂💀
I'm so glad that you read the note I left for you😂
ur good bro
You are successfully protected my man.
write something absolutely wild to em
The hacker who got into my PC through RAT watching the video with me ☠
turn on your camera and give him a show
@@savagecorn1739 WILD
☠☠☠☠
plot twist the hacker made this RUclips comment too
@@QuantumNaut Naaah that's me 💀I mean not the hacker, but it's hard to explain 😂
The moment when you try to play the pirated game and you see the cmd for a split second and then tell yourself surely this is the part of installation and not info-stealer.
Some games do use it legitly, like tmodloader
Sometimes I think those "trusted" piracy guides aren't to be trusted at all. Every time I fire up a game from any of the trusted sources, I get a firewall prompt, even for single player games.
whats worse is NOT seeing the cmd pop up when youre supposed to
That's why i unpack it myself, it's usually isos, i dont trust installers from cracks at all, got ransomware once thanks to my naivety
@@scrittlesometimes legit games do it to me
This video should be standard for anyone who has to use a computer. It's ridiculous that people are expected to use computers for personal productivity without knowing the risks and how to remediate them.
Sometimes it doesn't help, it seems like ignorance is rampant nowadays.
Its crazy people drive cars without knowing the risks and how to remediate them. I feel like you can say that about a lot of things the every man uses
I don't know if I trust this guy, he's not a random Indian guy with a microphone from 2004
that's how you know hes trustworthy
@@manjorn589exactly, not all but MOST Indians are spreading misinformation
Pleas understand saar
DO NOT REDEEM!
@@xSinicle u old bish do not redeem
Thank you for showing this, i have mental illnesses that make me paranoid/fearful and i have a deep fear of getting my pc compromosed after a trauma from a previous attack, these help to calm down
Geez, same with me here... Feels good to know that I'm not alone :)
@Autism764 Yeah understandable, what caught me really off guard is that the guy who hacked me was talking to me on Discord and that really scared me cause he said that I should change my router and sent laughing emojis... Well, I'm glad now that it happened cause I got better with computers in general
@Autism764 Yeah that. As for how did he, I'm not sure, I guess I was just careless
@@effmereality No, you are not alone at all. I am paranoid of getting hacked as well. But to be honest, it gets better with time when you start to learn more about cyber security. Just give it a try ;)
ААХХАХАХАХАХ я не один такой оказывается
I appreciate the honesty when you say the best thing you can do, once infected, is to wipe and reload your PC, as it’s the only way to know for sure you’re not still compromised in some way. I wipe and reload my PC about every 12 months, because it’s easier than doing system clean up and gives guaranteed results for restoring a PCs speed.
There is such thing as firmware level hacking. After compromise you can never be sure.
@PeacefulRS some people say thats its overkill for hacking normal users.....but if its done how to overcome this?And how to even identify this???
Do you just reinstall the OS or is there some specific process for this where I can still keep my settings and apps intact after?
@LabibAhmed-b8g Root kits can only be detected with special tools. These types of scans must be conducted from a second computer hooked up to the infected computer so that the bios never loads. If you suspect your computer has been rooted, it's best to take it to a professional. There are also some types of malware which you cannot remove, such as the Windows TPM exploit that was patched in 2017 (which many people never installed because they forget to update their firmware), which once executed, is functionally impossible to remove and requires throwing out the hardware. Again, if your PC is that fkd, take it to a pro. But not even they could fix something like that.
So uh. That may not always work. I've had a RAT before. The hacker straight up controlled my mouse cursor and the RAT survived PC resets. I couldn't just stop using that laptop so I eventually tried to write a sticky note asking some questions and they never answered LOL
Simple. If you see "Microsoft Windows" somewhere on the screen, just assume it's hacked and format your hard drive.
true, i got affected by this once
Not like I can get Linux hacked
It just stops working after 3 boots
…and install GNU/Linux
@@sw11500true af
@@sw11500 I've used the same linux installation for almost 5 years without any boot issues, or issues in general. I use auto-update. Everything works fine. If you install some dumb meme distro instead of something stable then that's a self caused issue from following top 10 distro youtube videos.
This video gives me nostalgia of not so old times, around 6 years ago when these kind of systems and equipment were considered modern and every single tutorial has this kind of quality, for me it's the peak of recording technology, nothing sounds better than this.
Now you got thinking about everything I’ve done on computer to think if I might have one
I'm confused why companies haven't made it harder to steal session tokens. Hackers have been copying people's logins and stealing accounts that way for years and every company seems to be fine with it.
I've been suspecting my PC has been hacked, one day someone on Discord added me WITH the username being my Discord email and the PFP being from my mom's Google account and started telling me info about me that I told NO ONE.
delete your account, change your passwords and format your pc drives or something like that
you got ratted ):
reset your pc and dont keep anything the "app" you downloaded is a rat i would not use the google password manager, use bitwarden it is free and you can import all of your google passwords into to it and also please dont download anything that is too good to be real for example like a level 7 roblox executor
you are cooked buddy
if you dont wanna reset ur pc just change your passwords and format your drive also please use bitwarden
The legend uploads again, love your vids, you inspired me to learn cybersecurity.
from like 10k subs to over 90k, damn that was fast
92.9k since you commented 5 hours ago
Well deserved.
I always compare malware to moldy bread when recommending that people reinstall windows. Sometimes, you can see the mold and know your bread is infected. Sometimes, you can't even see the mold and not know that the bread is not good to eat. You can try to rip off the moldy parts and eat the rest of the bread, but that is not advised because mold can bury its roots into the rest of the bread and be untraceable. Sometimes the best thing to do is to throw it out and get a fresh piece of bread.
Is your bread not sliced?
Recommended within 30 sec 🥳 keep up the good educational work 👍🏻
It's important to keep an element of surprise in your retaliation. If you believe your PC is infected, change your passwords on a different pc before cleaning the infected one. This way you won't find yourself in a race to who changes passwords first (you or the hacker)
Lowkey alot of the times especially with RATs all they want is money, they don’t really care about your accounts except for your bank account, or theyll ask you for bitcoin to get off your computer. Thats what actually happened to me when I got ratted, mf asked for bitcoin 😂 He told me to message him on discord and he told me how he hacked me and that he was doing it as a “side hustle”. Kinda weird to say but I think I became friends with the hacker. 💀 Ofc I wiped my PC and reinstalled Windows and changed my password but he was lowkey chill. 🤣
he is not watching you most of the time anyway so there would not be a race at all
bro tysm I found malware on my computer acting as lsass.exe.
Are you sure it was malware? At 4:43 you can see he also had Isass.exe running (the last red one), before he installed malware
If it's running from the System32 folder it's probably not actually malware. Possible but less likely. If it's running from anywhere else then yes.
it's not malware it's essential process to handle your credentials in windows
this is the situation when you better give a hint or any other CLEAR sign about your intention: are you serious or are you joking. I tend to think it's a joke, but not 100% sure
Guys the op said "acting"
Used computers are cheap. Have a second "secure" computer used only for shopping, banking, and sensitive tasks with an up-to-date linux distro, and no pirated software
most families have an old pc or a laptop and don't know what to do with it. Great opportunity to get a secure system. Some lightweight linux distro will fly even on an old system (like windows 7/8 epoch and even older)
Okay, so basically, if your computer's been hacked, it's like that one friend who always 'borrows' your stuff and never returns it... but instead of your favorite sweater, it's your entire identity and financial info. And the worst part? You might not even realize it until it's too late! So, yeah, just a casual Tuesday afternoon of checking for remote access Trojans and info Stealers... no big deal. Thanks for the anxiety, Eric!
I managed to disinfect a malware-infected system but I still prefer re-installing everything
Nicely done. I still prefer a fresh installation, mainly for piece of mind and ease of execution. To that end, I have a external hard-drives with all noteworthy software, drivers, etc, that I might require.
Fresh and debloated with chris titus
@@lussor1Windows 10 Enterprise LTSC is debloated windows and official from microsoft..
Or at least that's what the malware led you to believe, bwahahaha.
reinstalling without wiping hard drive also does nothing
I remember sometime in 2012 I had a really nasty adware virus on my mom's laptop. Everytime I would delete it, it would re-install itself back up. Spent like an entire day figuring out the original installer, deleted it and never saw it again, that's the last time I've seen any malware
Really great, very informative video. Simple enough for someone with less tech savyness to follow and understand, but more useful that the regular security slop around
Do you plan to make a video on using more advanced DFIR tools on samples like this? Probably too complicated for the average user but I'd love a video going through these samples, what traces they leave over Windows event logs and how accurate automated tools like Hayabusa are at marking them
Ive been using computers my whole life, learned a good chunk of new info from this. We are never done learning!
This is mainly for people who use Windows Defender as their only antivirus, if you have a 3rd party antivirus then these settings would be in the antivirus program's settings instead
i just found out i have a Chinese malware on my school windows 11 pc... :3
Ty!
Quick! Talk about tianamen square to self destruct the virus!
Average school computer
@@ghoulbuster1🤣
Good day Eric.
I wanted to ask real quick, as this could be important for other people as well, but, if the infected user has more than one hard drive, should they completely wipe all of them?
Plus to this is it impossible to backup the files on your pc after an attack?
Is there any way to backup anything? Or should a person run an usb stick with linux and move things around on a fresh hard drive?
Perhaps you have tips on this, as i have heard in rare occasions it could be possible for malware to jump ship and run on other parts of your computer, even after you format your main part of it.
Thank you lots for your work, this was extremely informative. I really liked it.
I HAVE Logi Options (not +) for my Logitech wireless keyboard
Holy f- that actually jumpscared me
Logi options+ is legit software though, they updated it last year and changed the name
First thing I did was look through these comments for that, because I was like "whhaaaaat, I have that for my mouse".
I love that you named your desktop Lain and we can see it when you have process explorer open haha
I have Logi Options for my actual Logitech mouse… but now you’ve made me nervous.
ty once again bbg
This is the kind of video I like to watch when I should be studying
Your video was on my recommended home page, I think you'll be getting way more subs soon :)
I only come here for the beautiful filled bassy voice. Just wanted to tell!
Hey Eric, Where are you from? I can't quite pick up the accent as it sounds American and British at the same time. Have a nice day!
He's from British Columbia, Canada
@@british_penguin_gg Nice. I seem to hear a little bit of a British Accent, but I don't know if living in British Columbia gives you that accent or something. I like it though!
Hahaha thats what I was hearing too.
@@british_penguin_gg he klaims such however his vowels are inkosistant, most of the time he uses amerikan style vowels however sometimes (inkonsistantly) he uses british style vowes "sahmple" instead of "sample "rahn" instead of "run" (its hard to right out alot more of these phonetik diffrences without knowing ipa however u may onberve, as english natives, there are far more "brittishisms" in his english (extra emphisys on the final w in "window", ect.) that will be observable to u) and when he speeks quikly he dropps the final r found in amerikan (and for that matter kanadian) english. so its klear he has accidental selektive non rhoticity
@@creeperking0017bro hates the letter c
As an IT guy I always just reinstall due to the major time sink trying to fix the system. I never know how long it will take to fix but I know I can quickly reinstall windows 😅😎
Easier done if you have been backing up your data. Even then, days to re-install all your apps and settings.
interested. i’m sure i have malware that’s fucking up my stuff
what about the kaspersky virus removal tool i've heard very much from it but dont know the actual effectiveness of it
Kaspersky removes even the windows spyware on windows 10 lol
pretty good tbh, keep uploading
like, these vids are helpful, i love em.
great video eric!
Is this a 10 hour Rick Roll video for anyone else or is it just me?
This is scary, more than horror. Hearing windows defender notification sound gives me PTSD.
self aware AI slowly walking back into hedge it just walked out from.
This makes me think I really need to take a few days and painfully go through the 501 entries in my password manager, deleting accounts I don't need.
FYI not all malware will show up in autoruns or process explorer, such as rootkits.
Had my crypto stolen from a info stealer that uninstalled itself, can't find any traces of it in temp files or event manager
Great video Eric! Can you do one on manually finding malware on linux?
Way too advanced for an old-timer like myself. I just follow the basic guidelines of installing an anti-virus program and never giving out any information or clicking on any links thru email, but instead going directly to the company's website itself to communicate. When setting passwords, I always use long, complicated mixtures of upper & lower case letters, numbers & characters. After 23 years of being a frequent PC user, I've never gotten hacked once.
Experian Identity monitoring isn't bad. Personally I recommend IDX.
basically the best thing to do is to reset?
Ideally with a flash drive on a separate computer yes. If you're tech savvy you can also attempt to manually remove files.
I plan on making a separate video on doing this with a linux live USB. Basically the idea is you would find the files and remove via linux, but 99% of the time backing up the files and resetting is better.
duuude... PEAK just uploaded...
You explain topic in very detailed way😊😊😊❤❤❤.
dude please learn english or use your first language whatever youre using to translate is doing you dirty
LMAOOO
@@MadPsyclone my hobby is nothing like shit _bitch_ 🗣️🗣️🗣️🔥🔥🔥🔥
I deactivated Kaspersky automatic start on start up and went to check windows defender and i couldn't Activate none of The defender options for or a couple minutes as "windows administrator" disabled It, then after a while It was enabled again and i had to activate The other options manualy after
Would this be a thing due tô Kaspersky being disabled previowsly on restart and defender ranking a while tô bem re-enabled or is there a malware that both arent detecting?
You should not run 2 antiviruses at the same time, they will clash with each other. Kaspersky, and any other antivirus, does disable Windows antivirus automatically.
oooooooooooooooooooooooooooooooooooooooooooooooooo eric parker posted
When I was a kid my laptop would open stuff by itself and I would hear noises of people talking in Arabic from the speakers and nothing was open on the laptop, not sure why or how but probably me trying to install sonic adventure as a kid made it happen
I got an e-mail once in the later-2010s, IIRC showing the password that I didn't share with anyone! But I already changed the password by that time! It was for a password I made up in my head in 2008.
Very helpful video, thank you!
There's malware that sits on your memory through restarts and will infect a new installation of windows. For those you have to clean your disks with a bootable thumb drive, turn off your computer including turning off your power supply, let it sit for a few minutes (it's less but to be sure a few minutes) and then perform a clean installation.
Best way to avoid that is stay away from dodgy websites and never open something unless you actually know what it is, including emails.
Reinstalling is really the only way that you can be sure
Agreed, but if it’s still there, change drives.
sure? rather until next disaster ))
linux is the way to be reasonable sure about your privacy and security
@@ТоварищКамрадовСоциалистКоммун yeah until people bother to start making malware for it too
I always install Kaspersky so I know Mr Putin watches over with me Eagle eyes.
why don't you mention that you install windows,
so a bunch of 3 letter agencies watching you
I got a trojan horse info stealer on my pc earlier this year, had to completely re-install my pc and change every password, to this day i still recieve notifications that people are trying to log into my accounts, the hacker sold all the information
Cool! Thanks!
I remember seeing a network monitoring tool as well, but it wasnt wireshark i think, would anyone happen to know what that software would be?
NetLimiter?
“I haven’t been hacked since my pc is fine”
personally i would create several different accounts on different devices so everything isn’t lost or stolen and possibly back up data whenever i can.
I once got my amazon hacked and the guy must have been a russian because he also got access to my twitch and subbed to a russian streamer und donated them like 300 dollars. Good video thank you
Thanks a lot, I was looking for this, I had to remove suspicious programs at startup and it worked, even suspicious drivers I found, if only I found the drivers from the pad and then remove them, I wouldn't have to reinstall Windows, these tools should be installed by default
Danoct, Enderman, ZGuardian, Olivers Tech, Flytech and you 🎉
this video is very informative, thanks for sharing!.
1D MENTIONED LESSSGOOOO
Really for trojan removal you recommend reinstall whole windows? What's the point of antiviruses then? It's pathetic
Hi Eric, I’d like to know whether outside security programs such as Trend Micro, are supposed to prevent the user from viewing the exclusions list in the windows menu. I will say however they the Trend Micro interface does have its own exclusions section. I am suspicious about this and am not sure whether it should be doing this or not.
In next video, please show how to use and setup WireGuard
biggest red flag while trying to install a pirated game: if you ever encountered where the installer folder has an .exe that "needs" to be running (the exe where it disables your windows antivirus), delete it immediately. one time I got this when I'm trying to get GTASA, and it'll forever disables my antivirus and idrk how to enable it.
Are you able to do a future video about rat kits that can hide in bios or memory or other place like motherboard which even with a hard format of the c drive or a hard format of the operating system doesnt even delete the rat i heard that those rat’s exist
ive been suspecting that the family pc has a virus because my little brother keeps pirating games and its been worrying me alot
you should make a video on how we can encrypted a ipv4 dns server
For this to be on my FYP. Oh dear
Who else thinks Eric should make his own antivirus?😊
pretty interesting....is there something similar like this to check if our phone got hacked? seen this video where someone can use someone else phone camera remotely
Thank you for the video!
If a hacker enters in your computer you don’t have time to do these things 💀
😂😂😂😂 this whole video is a joke!
Is your PC Windows hacked?
2 solutions:
Fresh install maybe
Or
Never install Windows again
Simple.
@@black_dragon274 yes sure, You’re a joke maybe…
@@sKaLLaTeK u mad because is true possy! 🖕🖕
7 years ago I downloaded a shit ton of malware trying to play "FREE MGSV PC OFFLINE CRACKED VERSION" My computer was so f*cked and I was so paranoid I destroyed the laptop & the hardrive.
When I was a teenager I downloaded Minecraft cheats. From then on my calculator would randomly open hahaha
Nice Video, but how do we distinguish from real not verified processes and fake not verified Prozesses?
Thing is ive reset my pc 3 times but i still get email notification about somebody trying to access to my account until today (my pc got ratted 3 days ago). One of my Microsoft acc already got stolen and I don't receive the code to change my password 🤷
I don't know if there still malware inside my pc. All i did was reset my pc but keep files. Will that get rid of the malware? Im not much of a tech person. And whenever im playing a game or pressing the taskbar my pc just froze. I really dont know what cause it. My windows and driver already up-to-date
Probably should do a fresh reinstall even though it'll be a pain. The malware probs stayed on the pc since you kept your files.
that's a bad side of online acc that it can be stolen
Hey, you, yes, you, the guy who are watching this with me
I'm watching you 👀
"Turn off the internet to prevent a potential RAT user that's watching to do something"
But don't some antiviruses have more detections or something when online because they read their database there? I've heard so, I could be wrong but I'm confused now.
that's why it's better to stay online using firewall. Firewall certainly must be tuned to let good/certified traffic to pass and deny/ask any other
Bro I remember like last week cmd opened real quick, then LinkedIn was in a different language everytime I opened it and windows defender quarantined some stuff
Android: wifi calling constantly tries to set up with failure every time your phone boots.
0:00 jump scare
test one. Do you have uncommon open source apps installed on your computer?
Keep up the good work eric!
An AMD updater sometimes pops up as CMD randomly, but I have to close the tab manually. I can't type anything on it and nothing appears inside of it. Idk if that's normal or not.
I can't edit my bios I shows that it can only modified by the administrator ?
Bro when I was a kid I had a rat before and they controlled my mouse periodically and it was so annoying and kept trying to use a script to open Skype (id shut the PC down when they took control) It survived even a full restore and so I tried leaving a note for them asking them stuff but they stopped doing it and I stopped using that laptop eventually because I wasn't sure how to get rid of that.
very good video. but microsoft/nsa already prehacks every computer sold.
RATs nest and leave droppings, who knew 😂
Those rat are everywhere this day.