I'm a software engineer and so I'm always very careful not to open email attachments or run strange .exe's downloaded from a website... but just the other day I switched from my desktop computer to my laptop, and someone was logged in opening, rearranging, and closing windows very quickly (like they were searching for something). This scared the heck out of me and I immediately shut down my computer. I've already run Avast, malwarebytes, Hijackthis, and some other anti-rootkit tools and they didn't find anything. I also don't have any remote access tools (according to my uninstall programs list) that I know of. The Avast virus scanner (run as boot scan) found one virus on chrome_update.exe which was "VBS:Downloader-AJD". But nothing else was found by it or Malwarebytes. Also, I've since installed ZoneAlarm (Is there a better firewall?).
Is there anything specific I should check for in regard to remote access malware/installations? I'm so glad I got the person in the act because they may have been able to use the browser to use my saved passwords to sites... Normally, I never have viruses since I never run weird .exes or open email attachments, and this is my personal laptop so it's not on a network either. I'm also the only person that uses the computer.
Are there any programs that specifically search for remote access software (just to make sure it hasn't been installed "behind the scenes")? Or any scanners for this specific type (remote access) of trojan? I'm thinking there's got to be a tool out there somewhere that network administers can use to scan their system for remote access tools that they don't want on their systems...
EDIT: I'm currently running Plumbware Anti-malware and it has found Zegost trojan on Windows/System32/ifgxtray.exe, so maybe that was the cause... it's still running so I will see if it finds anything else...
Edited by raw83472, 22 June 2017 - 01:27 PM.
Moved from MRL to Am I Infected - Hamluis.