So my brother recently found out how to view running processes on my computer remotely and I need to figure out how to prevent him from doing such. I can find out the program he's using but any suggestions help. I think windows management instrumentation (WMI) has something to do with it so would disabling that help/be safe??
post screencap of all your running processes. I'll help you point it out.
>>86354
you could try disabling remote connections
if it says "remote desktop" or "remote access", disable it
do not kill WMI
Why can't I kill WMI?
>>86461
you can....you can also try to delete system32
just because you can do something doesn't mean you should; I'm quite sure that's not what's enabling someone to remotely access your system
>>86461
Because since Windows 2000, WMI has been responsible for making Windows work.
Windows wants to change something on Windows, it invokes WMI to do it.
I guarantee you, if you delete WMI, Windows will still boot, but *everything will be broken*.
Assuming you've not had your Windows pwnt, you need to change all your passwords.
Makes sense, now I feel like a dumbass. My plan is to switch my windows account completely and continue to snuff out any programs running in the background and check any outgoing connections
>>86584
If it's your computer, remove any accounts that aren't yours. You can't invoke RPC on any random Windows machine; you have to have a valid account.
If anyone is accessing your machine, they're doing so with an account your machine recognises as valid.
If it's not your machine, stop fucking with it.
It's mine, I think he has my account username and password and maybe that's how he's getting remote access. So would changing the account help?
I found the damn thing, it was business spyware called activetrak. It was a bitch to uninstall but I'm hopefully in the clear