A little Computer Help Please

AJUMP23

Parody of actual AJUMP23
Tech Gaf,

I got a call from my wife saying she was watching the mouse move on the computer and opening bank accounts and investment accounts in the browser. She was not touching the PC. She thought I had remote desktop in to the PC, but that is impossible on my work machine.

What tools would you recommend I run to find the malicious remote desktop SW? I also had her turn off the PC for now.

Any suggestions appreciated, jokes welcome too.
 
I told you to let me hold $5 🤷🏽
 
I would rebuild/reimage my PC. Sorry bud, taking no chances with that shit with online banking etc.
I can do that, as most of the data is on other drives and just my OS is on an NVMe.

Maybe I could buy a new NVMe and then use it, and clean the old one.
 
I second Malwarebytes. However, if my machine was compromised like that, I would do a wholesale format and reinstall. I wouldn't trust anything.
 
Is it a laptop? Could have spilled or got something greasy on the touchpad. Windows Defender has always worked fine for me though. Maybe update it and do an offline scan in Windows Security -> Virus & threat protection -> Scan options
 
Also check the processes running, in case there's an exe running in the process list eating up CPU. A long time ago I had a virus that hijacked my PC, running the CPU at 100% for bit mining. My computer was bit mining for someone.
 
To do that someone is remote controlling your PC so there is both control software installed and a network path for them open to reach that software.

Take off and nuke the site from orbit; it's the only way to be sure
 
Hitman Pro and Emsisoft Emergency scan.
They should detect and eliminate the malware.

A format and reinstall is not a bad idea.
But make sure that other drives are cleaned up.
 
Malwarebytes, MS Malicious Software Removal, Hitman Pro, run them all, safe mode/on boot if possible, then when that's done 'immunise' the browsers with something like Spybot.
 
That sounds scary.

Lots of suggestions, but the first thing I would do is try booting into Safe Mode without internet enabled to do an offline scan and see if that can help kickstart things.

You could also do a scan from within Linux using a bootable image as another way to safely deal with the threat.

Or to skip Linux, bootable virus checkers like Dr.Web LiveDisk
 
BTW, considering that your PC was compromised, start changing passwords on sites you use.
They might have stolen some passwords or login cookies.
 
I'll preface this with the fact I manage 40k endpoints for a living. I'd advise a full re-image of the OS after formatting the drive to be honest. You can DL the Windows ISO direct from MS or DL Rufus which will DL the ISO and format a USB for you to use to install off of. You really can't trust what is left / missed by free tools such as Malwarebytes.
As others have said, change ALL your passwords and enable MFA, and def check your accounts. Might also be a good idea to run a credit report in case they really went full retard.
You can also look into disabling RDP port 3389 via modem firewall settings if you know you'd never need it.
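
The checks suggested in the replies above (RDP on port 3389, running processes, installed control software and its network path), gathered into one read-only PowerShell pass; this is an added example and not part of any post in the thread. It assumes an elevated prompt on an English-language Windows 10/11 install (the firewall group name `Remote Desktop` is localized) and changes nothing on the machine.

```powershell
# Added example: read-only triage, run from an elevated PowerShell prompt.

# 1. Is Remote Desktop switched on? fDenyTSConnections = 0 means RDP accepts connections.
$ts = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' -Name fDenyTSConnections
"RDP enabled: $($ts.fDenyTSConnections -eq 0)"

# Host firewall rules for RDP (group name assumes English Windows).
Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
    Select-Object DisplayName, Enabled, Direction, Profile | Format-Table -AutoSize

# 2. Network path: which process owns each listener or live connection?
$procs = @{}
Get-Process | ForEach-Object { $procs[[int]$_.Id] = $_ }

Get-NetTCPConnection -State Listen, Established |
    Where-Object { $_.LocalAddress -notin '127.0.0.1', '::1' } |   # skip loopback-only sockets
    ForEach-Object {
        $p = $procs[[int]$_.OwningProcess]
        [pscustomobject]@{
            State   = $_.State
            Local   = "$($_.LocalAddress):$($_.LocalPort)"
            Remote  = "$($_.RemoteAddress):$($_.RemotePort)"
            PID     = $_.OwningProcess
            Process = $p.ProcessName
            Path    = $p.Path          # empty for protected system processes
        }
    } | Sort-Object State, Process | Format-Table -AutoSize

# 3. Control software: running services whose binary lives outside the Windows directory.
#    Remote-control tools normally install themselves as a service like this.
Get-CimInstance Win32_Service |
    Where-Object { $_.State -eq 'Running' -and $_.PathName -notlike "*$env:SystemRoot*" } |
    Select-Object Name, DisplayName, StartMode, PathName | Format-List

# 4. Programs launched at logon (Run keys and Startup folders).
Get-CimInstance Win32_StartupCommand |
    Select-Object Name, Command, Location, User | Format-List

# 5. CPU hogs. CPU here is total processor seconds since the process started, not a percentage.
Get-Process | Sort-Object CPU -Descending |
    Select-Object -First 10 Name, Id, CPU, Path | Format-Table -AutoSize
```

Any listener, service or startup entry you cannot account for is a reason to follow the reimage advice above rather than try to clean the machine in place.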
 