Well, since this wasn't technically a virus, not certain any AV solution would have caught it. Using Comodo firewall and Malwarebytes (paid version). However, I suspect this was crapware attached to another install that did not mention it was to be installed. I watch that pretty closely, but not all install systems announce themselves. And there is a possibility that I didn't install it, a neighbor did. I'm doing some Web work for her and her family, but some of what they want is on Facebook, so she has logged in several times to grab some photos she wants. I suspect she may have installed a Firefox extension to assist her
The thing that aroused my curiosity initially was the discovery of a recent temp
directory on the root of C:\ with only two (2) files in it. When I searched on the files, I discovered - and eradicated - part of the problem. Just couldn't get rid of the whole famned damily, as it were.
As to the recovery aspect, one (1) of the onsite drives I was using for recovery purposes failed physically. So the inability to recover was due, in part, to mechanical failure. Appears that I'll have to - again! - rethink my storage/recovery scenario. Lost my off-site storage - she got married and moved away
- and don't have anything to replace that as yet.
So, a significant part of this was happenstance and timing, you might say Chance
- with a capital SEE?
Been trying out Sterjo NetStalker
lately. It provides alerts for every outbound communication attempt, but only on the first try unless you deny permission. And it doesn't seem to work for sub
, once ya give Firefox outbound permission, anything under Firefox inherits that permission. So, even it it were a standalone program, since it was communicating via browser, it was using that browser's permissions and was not detected.