wasser

So far so good? (Happy Tryptophan day!)

Aye Aye! Fixlog.txt

Sorry for the lag, we had a little family spat about "haven't we done enough already" 🙃 Log attached now! SecurityCheck.txt

New Farbar logs -- 🤞 FRST.txtAddition.txt

"2023-11 Cumulative Update for Windows 11 Version 23H2 for x64-based Systems (KB5032190)" is now pending -- Should I install during restart, or just restart and run Farbar first?

Kapersky looks clear! report_2023.11.15_08.55.57.klr.txt

Huh -- seems like the safety scanner ran the update on its own when it completed the scan.

Will do!

Here 'tis: msert.log

Quick question plus an added observation; 1) I've still got an update to Windows 11 Version 23H2 pending; should I do that install and restart before this scan? 2) One other odd behavior I've caught, when I try to click into the taskbar search field some gray box pops up as if it's the auto-complete answers, but then drops down again before showing anything, and the cursor never actually appears in the search box and text never shows up when I type. I don't know if that's been going on since before the intrusion last week.

Yes please - thank you!

I used a clean computer for all the resets, and I'll do another reset pass in a few days too.

A family member gave remote access to an HP print repair spoofer, and I'm trying to figure out if I need to do a full wipe/reset, and what I can save from the laptop's files first, and what event logs etc I should export beforehand. Malwarebytes has come up clean on several scans. The spoofer installed several HP utility apps, I'm not savvy enough to tell if they're genuine or bogus. I've changed the most critical passwords, reset wifi and router passwords, and am working my way through the rest. The only clearly suspicious thing I've found is a c drive folder named "a" , created during the remote access, with a whole bunch of empty/hidden files only subfolders that seem like data dump structures? screenshot of that folder is attached, and Farbar scan and mbst grab zip Right now, the pc has a system update and chrome update pending; I dunno if I should allow those or not, before/after whatever else I do? Thanks in advance! Addition.txt FRST.txt mbst-grab-results.zip

Thank you! 1. Yep, we stopped payment on the check (still arguing about whether to close the account completely) 2. I wondered if I should go directly to the "removal help" subforum but guessed wrong that I should start here. Hopefully there won't be a next time but if there is I'll know!

Malwarebytes support tool gathered logs are attached. mbst-grab-results.zip