# RAT through network, powershell, schedule tasks



## ByeThere (May 20, 2019)

Due to suspicious behavior i wanted a clean install of windows so i wiped everything removing all partions. I do not do much on it yet its runnibg hot there are soo many weird processes running in the back ground. Im not a computer wizz but i think they have gained access through the public network and are using powershell to schedule tasks perhaps. Is there a way to find out if this is infact happening. 2. Cn i find out who is doing it? 3. What would be the best securitu to use for not only my pc but how can i secure the family internet? Along with all devices being used on the network.


----------



## lunarlander (Sep 22, 2007)

It is very difficult to know if a suspicious program is running since the attacker can rename the file to something used by Windows itself. There is a program called MS AutoRuns, which allows you to see all the programs that start up automatically. And you can see the full path where it is installed. So something named svchost.exe residing in \program files\somewhere\ would stand out because svchost ought to be residing in \Windows\System32 .


----------



## ByeThere (May 20, 2019)

Thank you but what about the wifi that i connect to is there a way to factory reset and secure it also? Any suggestions?


----------



## lunarlander (Sep 22, 2007)

To secure Wi-Fi, the only thing you can do is go to your router's web page and set WPA2 password to a long passphrase.


----------

