While running various security scans, it could also help to disconnect all network access (even from a home/private connection) - just make sure that the antivirus/security products have the latest definition(s) first, ready to use (and/or run it from a USB device, if the option exists as others said.)

Power down the PC, disconnect the ethernet cable and/or turn-off wireless function, so that the backdoor is shut down - restart & run it. Running the newer Microsoft OS's, it wouldn't "hurt" to d/l the MSE and/or turn/on Windows Defender to do deep scanning of all the drives/partition/folders & files, etc. Re-check the firewall & router security logs afterward & see if there are any unusual activities or ports being accessed ...

It's a PITA to reformat the drives & do a clean install as nobody looked forward to a half day ++ of work sitting & staring the hardware, but sometimes, it's the last resort.

My designated home server dual boot so I have another OS to fall back on, and the running AV software will scan all connected/shared drives across OS/platforms - and, we're been lucky "clean" thus far on our current setup for 5+ years - and, that's with iCloud, Drive, SkyDrive & DropBox features installed (aren't always connected/on - enabled on as needed basis.)