Uninvited Guest: My Experience with Mysterious Remote Access to My Computer
As an IT support professional, I thought I had seen it all—until I encountered an unsettling incident that left me puzzled and concerned about remote access to my computer. Allow me to walk you through the unsettling encounter and the steps I took to regain control.
The Unfolding Mystery
It all began when I noticed unusual activity on my system. I discovered that someone had managed to remotely control my computer, specifically through the Firefox browser. The intruder performed the following actions:
- Opened a new tab in Firefox, which was already active.
- Searched for Google, albeit with a misspelling initially.
- Conducted a search for a particular cryptocurrency game before I could intervene.
Realizing the severity of the situation, I immediately took action by severing my network connection. From there, I implemented a series of defensive measures:
- Disabled remote access features on my PC.
- Uninstalled AnyDesk, which I had previously used for work purposes.
- Conducted thorough scans using Malwarebytes and its rootkit scanner, but found no malware.
- Adjusted my local security policy to prevent network connections.
- Deleted a few recently installed applications, including ClipClip and Winamp.
Given that my Windows operating system was already up to date and I use Windows Defender as my antivirus, I was left pondering two critical questions: How did this happen, and more intriguingly, why would anyone search for that particular game?
While I felt compelled to reinstall Windows 10 as a precautionary measure, I’d like to gather further insights from the community to demystify this ordeal.
Community Support and Further Steps
After sharing my concerns, several thoughtful responses emerged, suggesting various possibilities. The underlying cause remained elusive; it might have stemmed from an extension, AnyDesk, or potentially a more insidious threat that I had yet to uncover. Below are the proactive steps I’ve taken since:
- I’ve removed all browser extensions except for LastPass, uBlock Origin, and Dark Reader.
- I made it a point to power down my PC when not in use and lock it every time I leave the room.
- AnyDesk has been uninstalled, but I may reintegrate it for outbound connections only while blocking inbound access.
Should anything similar occur again, I’ll be reaching back to this community for guidance.
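The measures listed above (remote access features disabled, AnyDesk uninstalled, inbound access blocked) can be checked rather than assumed. The following read-only PowerShell audit is an added example, not the author's own script; the function names `New-Finding` and `Get-RemoteAccessAudit` are hypothetical, and the `AnyDesk*` name pattern for the service, process and firewall rules is an assumption.

```powershell
# Added example: read-only audit of the remote-access surface on a Windows 10 PC.
# Run from an elevated PowerShell prompt; nothing is modified.

function New-Finding($Check, $State, $Detail) {
    [pscustomobject]@{ Check = $Check; State = $State; Detail = $Detail }
}

function Get-RemoteAccessAudit {
    $ctl = 'HKLM:\SYSTEM\CurrentControlSet\Control'

    # Remote Desktop is off only when fDenyTSConnections is 1.
    $rdp = (Get-ItemProperty "$ctl\Terminal Server" -ErrorAction SilentlyContinue).fDenyTSConnections
    New-Finding 'Remote Desktop' $(if ($rdp -eq 1) { 'disabled' } else { 'REVIEW' }) "fDenyTSConnections=$rdp"

    # Remote Assistance is off only when fAllowToGetHelp is 0.
    $ra = (Get-ItemProperty "$ctl\Remote Assistance" -ErrorAction SilentlyContinue).fAllowToGetHelp
    New-Finding 'Remote Assistance' $(if ($ra -eq 0) { 'disabled' } else { 'REVIEW' }) "fAllowToGetHelp=$ra"

    # Leftover AnyDesk service or process after uninstalling (name pattern is an assumption).
    $left = @(Get-Service -Name 'AnyDesk*' -ErrorAction SilentlyContinue |
                ForEach-Object { "service $($_.Name) [$($_.Status)]" }) +
            @(Get-Process -Name 'AnyDesk*' -ErrorAction SilentlyContinue |
                ForEach-Object { "process $($_.Name) pid $($_.Id)" })
    New-Finding 'AnyDesk remnants' $(if ($left) { 'REVIEW' } else { 'none found' }) ($left -join '; ')

    # Enabled inbound allow rules that still mention AnyDesk.
    $rules = @(Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
                Where-Object DisplayName -like '*AnyDesk*' |
                ForEach-Object DisplayName)
    New-Finding 'Inbound allow rules' $(if ($rules) { 'REVIEW' } else { 'none found' }) ($rules -join '; ')

    # Every TCP listener reachable from the network, with the owning process.
    Get-NetTCPConnection -State Listen |
        Where-Object { $_.LocalAddress -notin '127.0.0.1', '::1' } |
        Sort-Object LocalPort -Unique |
        ForEach-Object {
            $name = (Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue).ProcessName
            New-Finding 'TCP listener' 'info' "port $($_.LocalPort) <- $name (pid $($_.OwningProcess))"
        }
}

Get-RemoteAccessAudit | Format-Table -AutoSize -Wrap
```

Any row marked `REVIEW` is a setting that is not explicitly off or a remnant that survived the cleanup; the `TCP listener` rows show which processes still accept connections from the network.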
One Week Later: History Repeats Itself
Despite implementing these security measures