I was watching YouTube yesterday when suddenly the playback paused and the full screen was exited. I then tried to click on the video to play it again, but I realized that I didn’t have any control over my mouse. I then saw that the mouse clicked on the address bar and typed in something like “edge:://settings”. I freaked out and instantly pushed the power button of my computer and disconnected the LAN cable.
Whoever did this, I was in Firefox, idiot.
Anyway, I’ve never experienced something like this ever. I’ve encountered multiple viruses and adware before, but most of them were easily traceable and removable. Most of the time there was a suspicious process in the task manager, sus folders and files, suspicious autostart settings or they could simply be found with a scanner. Only a single time I had to reinstall Windows because the virus locked my system. But this time was different. I don’t use cracked software anymore, I don’t stream anymore, I don’t stroll over the internet anymore. There was no reason and no suspicious activity beforehand. Everything happened completely out of the blue and in the background.
I found a strange log file in the temp folder, in which it looks like the edge browser was reverted to an older version in the background with some registry changes on edge and web viewer and other stuff in the background as well as some windows defender changes in the registry. My guess is to create a more vulnerable version of Edge.
I’ve completely wiped edge from my computer as well as every registry entry that was related to edge, I’ve reinstalled Firefox and removed all cache, cookies, history, password, etc. I’ve deleted several suspicious files and registry entries that were changed shortly before this happened and I saw that for some reason remote access wasn’t completely deactivated, so I shut that down too. I’ve run several anti virus and malware scans, fixed a few things they found, but there is still no obvious trace and reason to why this could happen in the first place. OK, except the remote access setting. But still, someone would need to do certain things to find my pc and get access in the background.
My question to you people is, how can I make sure that my system is clean again? And how can I prevent something like this in the future. I’d rather like to find the source of this instead of reinstalling Windows. Or has hacking tech really become this advanced that one can hack you and you cannot find out what happened at all?
Did you install any files recently?