
LocalThreats

Everything posted by LocalThreats

  1. Thanks so much for your help. Could I ask what antivirus/anti-rootkit software you use? I'm slightly paranoid about reinfection - Thanks.
  2. Thanks, I have removed older versions of Python and updated the rest, regards,
  3. Thank you for the continued speedy help. I have uninstalled Bonjour. SecurityCheck.txt
  4. It's not allowing me to edit my previous post - I forgot to restart my PC before running FRST, my apologies. Please find the new logs below. Thanks in advance FRST.txt Addition.txt
  5. Please find attached logs - Thanks. AdwCleaner[S04].txt MalwareBytesLog.txt Addition.txt FRST.txt
  6. Thanks, I'll update with the logs when they're done. I've found these System overrides in my Windows Exploit Protection settings and I don't remember ever setting these, are they suspicious? Thanks so much for the help

     <?xml version="1.0" encoding="UTF-8"?>
     <MitigationPolicy>
       <AppConfig Executable="ExtExport.exe">
         <ASLR ForceRelocateImages="true" RequireInfo="false" />
       </AppConfig>
       <AppConfig Executable="ie4uinit.exe">
         <ASLR ForceRelocateImages="true" RequireInfo="false" />
       </AppConfig>
       <AppConfig Executable="ieinstal.exe">
         <ASLR ForceRelocateImages="true" RequireInfo="false" />
       </AppConfig>
       <AppConfig Executable="ielowutil.exe">
         <ASLR ForceRelocateImages="true" RequireInfo="false" />
       </AppConfig>
       <AppConfig Executable="ieUnatt.exe">
         <ASLR ForceRelocateImages="true" RequireInfo="false" />
       </AppConfig>
       <AppConfig Executable="iexplore.exe">
         <ASLR ForceRelocateImages="true" RequireInfo="false" />
       </AppConfig>
       <AppConfig Executable="mscorsvw.exe">
         <ExtensionPoints DisableExtensionPoints="true" />
       </AppConfig>
       <AppConfig Executable="msfeedssync.exe">
         <ASLR ForceRelocateImages="true" RequireInfo="false" />
       </AppConfig>
       <AppConfig Executable="mshta.exe">
         <ASLR ForceRelocateImages="true" RequireInfo="false" />
       </AppConfig>
       <AppConfig Executable="MsSense.exe">
         <StrictHandle Enable="true" />
         <SEHOP Enable="true" TelemetryOnly="false" />
       </AppConfig>
       <AppConfig Executable="ngen.exe">
         <ExtensionPoints DisableExtensionPoints="true" />
       </AppConfig>
       <AppConfig Executable="ngentask.exe">
         <ExtensionPoints DisableExtensionPoints="true" />
       </AppConfig>
       <AppConfig Executable="PresentationHost.exe">
         <DEP Enable="true" EmulateAtlThunks="false" />
         <ASLR ForceRelocateImages="true" RequireInfo="false" BottomUp="true" HighEntropy="true" />
         <SEHOP Enable="true" TelemetryOnly="false" />
         <Heap TerminateOnError="true" />
       </AppConfig>
       <AppConfig Executable="PrintDialog.exe">
         <ExtensionPoints DisableExtensionPoints="true" />
       </AppConfig>
       <AppConfig Executable="runtimebroker.exe">
         <ExtensionPoints DisableExtensionPoints="true" />
       </AppConfig>
       <AppConfig Executable="SystemSettings.exe">
         <ExtensionPoints DisableExtensionPoints="true" />
       </AppConfig>
     </MitigationPolicy>

  7. Hello, Hope you are well. Thanks mbar-log-2021-12-22 (21-36-06).txt system-log.txt
  8. I've just had this error while trying to scan some files. Kind regards,
  9. Hello, I'm fairly sure I've been infected by a RAT, and I have some questions - is there any way to see if this was installed by a family member on the same network with physical access to the computer? I dread to think it was my brother but I'm fairly certain. Is this system still infected? I have also found Malwarebytes antivirus scans with no action taken and things added to my exception list. I have added those logs alongside the log this advice - Thanks in advance. Addition.txt FRST.txt AdwCleaner[C00].txt MostRecentPostADW.txt Previous1.txt Previous2.txt Previous3.txt Previous4.txt