A user recently reported their machine was hijacked, there mouse was moving and folders and emails were being accessed. I thought Malware infections normally operate on the command line and access would not be visible to the user but I could be wrong. AV was the latest including Symantec network protection. Verious malware programs were run and everything looks clean. To me it just doesn't fit I also didn't see it happening.
Any suggestions thanks