pc being hacked

[Cro666]

For a little while i've had problems with passwords being hacked, Hackers trying to hack into my acounts on multiple platforms. i changed the passwords of the things that were important. My laptop started doing weird things like taking 5 minutes to start up (normaly it takes 10 or so seconds) so i reset windows on the laptop (everything besides my personal files).

Today i wanted to listen to some music i had saved on my laptop, Just as the music started to play all of my files got deleted in front of my eyes. This i find very weird because i had just reset windows 2 days ago, I didnt do anything out of the ordinary after the reset so i am 100% sure that i did not download a virus or something of the sort. So today i once again reset/reinstalled windows but this time a complete reset.

I am not sure if i simply got hacked or if this was some sort of enemy attack (I doubt its an enemy attack but lately thay have grown bold so it might be possible).

I want to protect myself better from hackers, Windows, Etc... I dont know how so can anyone help me with this?

 

[High Priest Hooded Cobra 666]

Re-installing your Windows is going to do the trick for the most part. You need a fresh new clean installations. Alternatively, you can install Linux Mint or Ubuntu. This will be the first step to clear out any existing hacking. Anything that you may try to change will not work unless your pc is clean.

 

[ShadowTheRaven]

If your computer is being controlled directly by a hacker, you have a Trojan Horse. These bits of software can steal saved passwords, keylog your PC, spy on your PC, turn on your webcam, create fake errors, and use Windows Command Prompt to execute exploits the hacker may have written or purchased.

Most antiviruses will get rid of common Trojan Horse (aka RATs, or Remote Administration Tools) viruses like DarkComet, Cybergate, njRAT, Imminent Monitor, xRAT, jRAT, and so on. Some may be custom-designed and coded by an experienced hacker or programmer in order to remain undetectable by anti-viruses, but they all work the same way.

In order for a virus, regardless of type to start up with your computer as you log in, they are typically hidden in your startup registry. There are two startup registries for all Windows operating systems (I cannot speak for Linux or Mac).

In your start menu, type "regedit" and press enter.

You'll want to navigate to these directories and check for suspicious "keys" (instructions for certain programs to boot up as you log in, like Steam, Discord, your Antivirus, etc)

Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run (Your user profile)
Computer\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run (The computer itself)

It'll look something like this:

If you see a key that looks suspicious, such as "Windows Update" or "Windows Security" or some other generic service that appears legit, it's a fake. Default Windows services don't appear in the registry, and you should be able to see the path to the exe file that the trojan's "stub file" is located (the file that connects your PC to the hacker's via client-server socket connection). This will most likely be in %appdata% or %temp%, or another hidden folder that a normal user can't easily access.

Simply delete the registry key, and restart your computer. The hacker can't connect to your PC anymore because the trojan horse itself has been isolated from starting up with the system.

Don't forget to delete the trojan stub file from your computer after restarting your PC (can't be deleted while running)

Hope this helped

 

[Cro666]

''

I am not sure how to get an image url to show, But i did check on my laptop under Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run (Your user profile) was nothing besides the default, But under Computer\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run (The computer itself) was a program called SecurityHealth... If i understand you correctly this is most likely a troyan right?

 

[ShadowTheRaven]

''

I am not sure how to get an image url to show, But i did check on my laptop under Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run (Your user profile) was nothing besides the default, But under Computer\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run (The computer itself) was a program called SecurityHealth... If i understand you correctly this is most likely a troyan right?

Oh, that's your Windows Default Antivirus, don't delete it. I assume you're running Windows 10?

I use Avast Free Antivirus to scan my computer if I'm ever in doubt. https://www.avast.com/en-us/index#pc

Windows 10's default AV is trash, it's like having a copy of Norton come with your PC (and some of us know how god-awful that software is) so I definitely recommend Avast. It's free, but if you decide to pay for it, you also get a VPN, Sandbox software, junk file cleaner, and some other tidbits that I never really mess with.

 

[ShadowTheRaven]

''

I am not sure how to get an image url to show, But i did check on my laptop under Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run (Your user profile) was nothing besides the default, But under Computer\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run (The computer itself) was a program called SecurityHealth... If i understand you correctly this is most likely a troyan right?

It's Windows 10's default antivirus. Here's an image of my HKEY_LOCAL_MACHINE:

So no, that's not a Trojan.

Also to take a screenshot of your computer, just open Snipping Tool, hit "New" on the upper left hand corner, drag the area you want to capture, open https://imgur.com/ and hit New Post, then just paste (Ctrl+V) the image. Give it a couple seconds to upload, then right click on the picture, and hit Copy Image Address

Come back onto here, and use the "" tags.

Example: [img]Your%20Image%20URL

Trojans tend not to install themselves on System32, they tend to install themselves in Appdata or Temp. Installing a Trojan in system32 would trigger the UAC feature upon installation.

 

[Henu the Great]

I do not use any antivirus software knowing that able hackers come through ports and I do not download random shit I do not trust. So yeah, one can be totally fine without av-software. Also like raven mentioned some trojans (the decent ones) are undetectable by av-software, at least for awhile, and then after some time detected cuz number of people get infected and lists get updated from reports.

However I do use adblockers and track blockers on internet browser. I would recommend using javascript blocker too, but for me too much hassle to whitelist every page. Living the dangerous life, hehe. :lol:

 

[Pirate11]

Just get Linux, don't trust using windows: you have no access to its source code, you'll never know how's it spying on you. Yes i wrote "how" not "if".

 

[Cro666]

Thank you all for the help, I really appreciate it and i am going to consider getting linux or ubunta.

''

I tried it all out and my pc and laptop seem clear, I didnt have anything weird in the mean time so hopefully it stays like that.

There is just one thing still.... Hackers are constantly trying to hack my steam account this is the only account they keep trying to hack. Even now what ever i do they still find a way to get the password for some reason...... I changed my email password and my steam password multiple times but whatever i do they still get the passwords.

I would think that they have some program running on my pc but it all seems clear, So i am really confused.... Any toughts? (when i change my password it something generic like: d2Dr45gRe... So extremely hard to crack)