How to see if computer being hacked??

donline

Commendable
Apr 20, 2016
160
0
1,640
1
Hi folks,

What ways can I monitor my computer/sytem to see if my computer is being hacked?
Is there a way I can see in good detail what is being received and sent via my Wi-Fi connection/router?

I was using Audacity sound editing software yesterday and installed a plugin, then within an hour or so my computer (laptop with Windows 10) started some strange behaviours...

I noticed that my computer was running a little slower and that a window would pop up and disappear very quickly (like a black MS-DOS script/command window). I noticed that the window would appear after I selected and connected to my Wi-Fi network.

Eventually, my anti-virus software (Avast) picked up on a 'threat' called 'IDP.Alexa.51' and moved the file (setup.exe) into the 'Virus Chest' where it was quarantined, and then I selected the option to delete the file. The file was located in a Temp folder and running within a configuration file/setting called '_ISMSIDEL'.

After that, I uninstalled Audacity and the plugin (plus three 'Microsoft Visual C++ Redistributable' installations that came along with the plugin - I noticed that when one of them was uninstalling it was displaying Russian language for the standard uninstallation wording).

Now, having deleted the setup.exe file and the above, the pop-up window/script is no longer appearing and the system appears to be running as normal.

However, my concern is that perhaps something (a virus) is still running in the background and could be causing problems. I'm concerned that the file/virus could possibly infect my personal files (documents, photos etc) and be using my Wi-Fi to access my system.

What would you recommend as options for me? I'd like to make sure 100% that the virus is completely gone from my system.

Also, could this possibly be a false-negative detection by Avast?

Any advice would be much appreciated, thank you! :)

D
 

Robert Ban

Estimable
Jul 30, 2014
437
0
6,010
110
Hacking is not that way how you think it works, usually hacker sents a trojan which firstly needs to enable somewhat remote or install it on your PC (some software not sure which one neither i want to mention), as he injects that he has control over your PC, but you can still find it in running process, thats harder to hide.

If you wanna good detail, Charles or Fiddler would be good.
 

rgd1101

Titan
Moderator
MERGED QUESTION
Question from donline : "IDP.Alexa.51 warning from Avast - please help!!"



 

donline

Commendable
Apr 20, 2016
160
0
1,640
1


Thanks Robert Ban. I've already run Malwarebytes and Avast and nothing is coming up now (i.e. no detections of malicious software)...

But how can you know if everything is completely removed?
 

Robert Ban

Estimable
Jul 30, 2014
437
0
6,010
110
Well usually you have to find manually, search trought Your Main drive where is windows, the program files and (x86) search for abnormal folders if you know.
And type in start %temp% and delete all in the folder and files which cannot be deleted leave them (its just temporary folder which contains for example unsaved document which you forgot to save like notepad) its okay to delete.

"To permanently eliminate IDP.ALEXA.51 detection permanently from your computer, we strongly advise to isolate this threat first by booting into safe mode, after which either hunting down the malicious files manually or automatically. Experts always advise users to take the automatic approach and remove the virus files using an anti-malware scanner.
Booting in Safe Mode
For Windows:
1) Hold Windows Key and R
2) A run Window will appear, in it type “msconfig” and hit Enter
3) After the Window appears go to the Boot tab and select Safe Boot
Cut out IDP.ALEXA.51 in Task Manager
1) Press CTRL+ESC+SHIFT at the same time.
2) Locate the “Processes” tab.
3) Locate the malicious process of IDP.ALEXA.51, and end it’s task by right-clicking on it and clicking on “End Process”
Eliminate IDP.ALEXA.51‘s Malicious Registries
For most Windows variants:
1) Hold Windows Button and R.
2) In the “Run” box type “Regedit” and hit “Enter”.
3) Hold CTRL+F keys and type IDP.ALEXA.51 or the file name of the malicious executable of the virus which is usually located in %AppData%, %Temp%, %Local%, %Roaming% or %SystemDrive%.
4) After having located malicious registry objects, some of which are usually in the Run and RunOnce subkeys delete them ermanently and restart your computer. Here is how to find and delete keys for different versions.
For Windows 7: Open the Start Menu and in the search type and type regedit –> Open it. –> Hold CTRL + F buttons –> Type IDP.ALEXA.51 Virus in the search field.
Win 8/10 users: Start Button –> Choose Run –> type regedit –> Hit Enter -> Press CTRL + F buttons. Type IDP.ALEXA.51 in the search field."

Well happy virus hunting, also on malwarebytes site there is adware removal its very powerfull tool. You can use it.
 

donline

Commendable
Apr 20, 2016
160
0
1,640
1


Thanks Robert Ban

I've done a manual search as you described (and not found anything), and also run Malwarebytes :)
 

donline

Commendable
Apr 20, 2016
160
0
1,640
1


Thanks Robert Ban

I just downloaded and ran the Malwarebytes Adwcleaner now... worked nicely.

Doy ou have any other tips? If I were to completely reinstall (clean from USB stick) would this guarantee that all viruses are gone?
 

donline

Commendable
Apr 20, 2016
160
0
1,640
1


Thanks Robert Ban!

Is there any chance that my personal files (photos, documents etc) would be infected by the virus/trojan?
 

Robert Ban

Estimable
Jul 30, 2014
437
0
6,010
110
Files cannot be coded to act as malware, but adding string to them can, mostly trojan acts as cpu miner or similar, they usually dont go after documents, but credit cards and etc.
Just as if you see weird acting reinstall browsers.
 

Robert Ban

Estimable
Jul 30, 2014
437
0
6,010
110
Yes it can, but i've never encountered such malware yet :/ but i've seen miners, svchost 100% usage, games that deliver attack (cs 1.6 when i hacked around 8-9 years ago, on top server and my pc went mad :D).
If you buy stuff online be sure that you uninstall browsers, run ccleaner and clean all and install them again, that will make sure that they don't have anything (for cleaning select everything).
 

donline

Commendable
Apr 20, 2016
160
0
1,640
1


Thanks rgd1101

So what can I do with my files currently on my system? If I want to back them up, then clean install Windows, and then put my files back on my computer are they just going to re-infect my system? What would you recommend?
 

donline

Commendable
Apr 20, 2016
160
0
1,640
1


Thanks Robert Ban

And how can you monitor your system to see if suspicious things are going on besides running anti-malware/virus software?

How can I make sure 100% that my system is clean?
 
Thread starter Similar threads Forum Replies Date
Zugoldragon Apps General Discussion 2
S Apps General Discussion 1
P Apps General Discussion 5
A Apps General Discussion 5
H Apps General Discussion 2
P Apps General Discussion 1
T Apps General Discussion 1
K Apps General Discussion 2
R Apps General Discussion 4
M Apps General Discussion 1
R Apps General Discussion 1
H Apps General Discussion 4
K Apps General Discussion 6
G Apps General Discussion 1
F Apps General Discussion 1
shadowmax Apps General Discussion 3
B Apps General Discussion 2
Y Apps General Discussion 1
A Apps General Discussion 2
L Apps General Discussion 5

ASK THE COMMUNITY