• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 379
  • Last Modified:

Can I trace or audit Remote Scheduled Task (at.exe) Commands?

I have some virus that remotely schedules tasks on other computers and that made me think:

On the machine that the task is created on, is it possible to see from which machine that task was actually created? I assume using auditing it should be possible to trace this?

Any ideas?
0
GSLBermuda
Asked:
GSLBermuda
  • 3
  • 2
1 Solution
 
DonNetwork AdministratorCommented:
0
 
GSLBermudaAuthor Commented:
We already found out which virus we are dealing with (and yes, it was that one), that wasn't my question (I didn't post the question in the antii virus section ;-) ) My question is more in general, if someone remotely schedules a task on another computer, it is possible to trace such an attempt (succes or not) on the remote machine and how would I identify that in the event viewer or something like that.
0
 
DonNetwork AdministratorCommented:
0
 
DonNetwork AdministratorCommented:
Also some people have posted in other sections unknowing that they had said virus, so better safe than sorry :-)

Hope the above helps you
0
 
GSLBermudaAuthor Commented:
No Worries! And thanks, that article was very helpful.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now