Is There A Way To Check If Iot Devices Have Been Compromised?

Long story short: I believe one of my PCs was remotely accessed, though I'm not sure exactly how. I'm now paranoid that any one of my IOT devices could have some sort of virus or permanent exploit.

1. Is it possible to have a virus injected into the firmware of a device (something that persists after a reset)?
2. If so, is there a way to scan for such compromises?
3. Is there a way to recover? Would re-flashing firmware (supposing I could access it) be a fix?

Longer story: I used my W10 laptop ope evening, and the next evening when I opened it up there were 2 browser windows open to random sites (nothing bad/weird), and the permissions for one of my shared folders was opened. So, I think the hacker may have been able to access all of my personal and financial data. I bear some responsibility in the lack of security: I had a network share with all of my data in it, and I had a bunch of IOT devices on the same network. I have since reset my router and I'm only running on one PC via ethernet cable (fairly sure its clean, its been scanned per the instructions on this site and nothing suspicious looking came up).

Any advice or insight would be appreciated!

 

You need to post in the Specialist Malware Forum since you appear to have some malware. Only the Malware Experts there can help you. But before you post a new thread there, you must first complete all the steps in the Read & Run Me First Malware Removal Guide and then post the text logs in a new thread in that specialist forum.