Tech Support Guy banner
Cancel

RAT through network, powershell, schedule tasks

8826 Views 3 Replies 2 Participants Last post by  lunarlander
B
Due to suspicious behavior i wanted a clean install of windows so i wiped everything removing all partions. I do not do much on it yet its runnibg hot there are soo many weird processes running in the back ground. Im not a computer wizz but i think they have gained access through the public network and are using powershell to schedule tasks perhaps. Is there a way to find out if this is infact happening. 2. Cn i find out who is doing it? 3. What would be the best securitu to use for not only my pc but how can i secure the family internet? Along with all devices being used on the network.
Save
Like
Status
Not open for further replies.
1 - 4 of 4 Posts
lunarlander
It is very difficult to know if a suspicious program is running since the attacker can rename the file to something used by Windows itself. There is a program called MS AutoRuns, which allows you to see all the programs that start up automatically. And you can see the full path where it is installed. So something named svchost.exe residing in \program files\somewhere\ would stand out because svchost ought to be residing in \Windows\System32 .
Save
Like
B
Thank you but what about the wifi that i connect to is there a way to factory reset and secure it also? Any suggestions?
Save
Like
lunarlander
To secure Wi-Fi, the only thing you can do is go to your router's web page and set WPA2 password to a long passphrase.
Save
Like
1 - 4 of 4 Posts
Status
Not open for further replies.
Tech Support Guy
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
Hardware Virus & Other Malware Removal Off Topic Lounge Thread Games & Discussion Networking
Top