Question Network Monitor Showing Someone w/ Unauthorized Remote Access

Doc H

Reputable
Nov 1, 2014
5
0
4,510
0
Hi there,

Long time lurker, 2nd time poster. I can typically figure these kinds of things out on my own, but not so much lately. To be candid, I've fallen behind on the technology front, exponentially so regarding Windows 10.

So here's what's going on, I think. I've noticed some unusual activity on my network - significant drops in network stability (only on the laptop in question), random and significant events triggering massive CPU, RAM, and network usage. Also I have a few specific questions regarding what I believe to be - unauthorized users on my network remotely. I know there were unauthorized users (read: shitty bum neighbors) at some points in the past, however I've changed both my network IDs and WiFi passwords. So, before I ramble on in scatterbrain mode any further, my first request:

1. I only just discovered Resource Monitor (Win10 Factory version) yesterday March 15, 2019. I KNOW, I know... ( ._.) ... I'm not proud. After poking around with it for a while I noticed what/who I believe to be a remote intruder. On the Network tab, listed under Network Activity I saw a few questionable images running. But what really bothered me (and brought me back to this wonderful community) is the image of svchost, which isn't cause for alarm in and of itself. What IS however, what the address it was running from, which was: "MyLaptopName.Ian"

Am I being paranoid or is that a definitive indication that someone (or more) is snooping around my computer? Any help, suggestions, explanations, would be greatly appreciated!

Some background info that has the possibility of being relevant:
-I was gifted this laptop from my former business partner. We ran an independent GameShop until it was no longer lucrative and we went our separate ways. So this laptop came from a former customer on trade-in. I have reason to believe it was traded-in by the legitimate owner; he knew the login and BIOS passwords, and typed them in quickly like he was used to it. He's not a junkie nor was he hurting for cash; he took the store credit even. Giving this background into has jogged my memory as well.
2. When former boss gifted me this, he said something to the tune of "I took all my stuff off, go ahead and format it or reset it or whatever". I've never been able to fully reinstalled Windows, as I usually do on any of my machines, using either the original CDs or an image on USB. I was able to "reset" the laptop remove all Win10 apps and other 3rd party software installed by a user and start with a .... sorta-fresh install of Windows, which doesn't do a whole lot. My thinking is that if the C drive is exclusively for the OS on this machine (Windows 10), and the issues lie in my downloads on the D: partition, will they even be found?

ONCE AGAIN ANY AND ALL GENUINE HELP OR ASSISTANCE is appreciated.
- Danny_BonaDocHe
 

geniusdevil

Commendable
Jun 13, 2016
29
0
1,530
0
Hi there,

Long time lurker, 2nd time poster. I can typically figure these kinds of things out on my own, but not so much lately. To be candid, I've fallen behind on the technology front, exponentially so regarding Windows 10.

So here's what's going on, I think. I've noticed some unusual activity on my network - significant drops in network stability (only on the laptop in question), random and significant events triggering massive CPU, RAM, and network usage. Also I have a few specific questions regarding what I believe to be - unauthorized users on my network remotely. I know there were unauthorized users (read: shitty bum neighbors) at some points in the past, however I've changed both my network IDs and WiFi passwords. So, before I ramble on in scatterbrain mode any further, my first request:

1. I only just discovered Resource Monitor (Win10 Factory version) yesterday March 15, 2019. I KNOW, I know... ( ._.) ... I'm not proud. After poking around with it for a while I noticed what/who I believe to be a remote intruder. On the Network tab, listed under Network Activity I saw a few questionable images running. But what really bothered me (and brought me back to this wonderful community) is the image of svchost, which isn't cause for alarm in and of itself. What IS however, what the address it was running from, which was: "MyLaptopName.Ian"

Am I being paranoid or is that a definitive indication that someone (or more) is snooping around my computer? Any help, suggestions, explanations, would be greatly appreciated!

Some background info that has the possibility of being relevant:
-I was gifted this laptop from my former business partner. We ran an independent GameShop until it was no longer lucrative and we went our separate ways. So this laptop came from a former customer on trade-in. I have reason to believe it was traded-in by the legitimate owner; he knew the login and BIOS passwords, and typed them in quickly like he was used to it. He's not a junkie nor was he hurting for cash; he took the store credit even. Giving this background into has jogged my memory as well.
2. When former boss gifted me this, he said something to the tune of "I took all my stuff off, go ahead and format it or reset it or whatever". I've never been able to fully reinstalled Windows, as I usually do on any of my machines, using either the original CDs or an image on USB. I was able to "reset" the laptop remove all Win10 apps and other 3rd party software installed by a user and start with a .... sorta-fresh install of Windows, which doesn't do a whole lot. My thinking is that if the C drive is exclusively for the OS on this machine (Windows 10), and the issues lie in my downloads on the D: partition, will they even be found?

ONCE AGAIN ANY AND ALL GENUINE HELP OR ASSISTANCE is appreciated.
- Danny_BonaDocHe
Is it Home or Pro edition? Cuz Windows 10 could create virtual adapters, drives--depending your configuration.
I'd have done a clean installation if received a devices from someone. You should always start fresh, fresh ip, fresh cache etc., 🌚
 

Similar threads


ASK THE COMMUNITY