Malware authors have been using the Windows Task Scheduler (or AT.exe jobs) to victimize hosts for at least a decade. Recent Zlob variants and click-fraud Trojan Bamital have used Task Scheduled jobs. When used remotely, the service handles the heavy work of creating, scheduling, and running the job. Remote jobs are pretty common common when hackers are creating malicious jobs or malicious hackers are involved. There are a few steps you can take, and they’re not hard — you just have to be aware.”]
Source: https://www.csoonline.com/article/2621116/malware-loves-windows-task-scheduler.html