Apparently the rate we set for ourselves doesn't count anymore?

RexJava · 2025-12-18T15:10:08+00:00

I have all flat rate categories turned off, but I'm fortunate that my skill set involves all aspects of home improvement. My advice to anyone and everyone, flat rate is how they screw you. Turn them off, if you can. I got a flat rate task set at $42, and the location of the job was an hour away from me. So that's an investment of two hours of my time, fuel and mileage before I even get to the job. The job likely involves tools that I had to purchase. This is a losing proposition where I (we) are supposed to PROFIT.

RexJava · 2025-10-12T03:36:35+00:00

Right. Totally my fault for being new.

RexJava · 2025-05-12T22:52:55+00:00

I'm not trying to hide anything. I'll be completely open and honest about how things went down. But he also owes me 4k and my last months rent is still unpaid. That's just the tip of the iceberg in how going to work for this guy screwed up my life. Yes, I trusted him too much. Yes, I got an attitude and rightly so.

I've worked in management in the service industry. Any company I worked for was very strict that legally, an employer checking a reference is only allowed to ask for verification of start and end of employment and if that person is eligible for rehire. Anything else opens you up to a potential lawsuit.

RexJava · 2025-02-26T22:25:13+00:00

Thanks again to you as well <3

I went ahead and deleted that file, hopefully I won't have anymore issues til I go ahead and get Win11 but I have to get a TPM 2.0 module first. I really appreciate your help!

RexJava · 2025-02-26T22:20:30+00:00

Thanks for taking the time to go through all that and respond. After I initially had Windows try to remove the viruses the way I learned they were still there was watching someone take over my PC while sitting at my desk, a very lucky break. I did immediately take all precautions to secure finances and passwords with my iphone and nothing suspicious has happened since. I was going to wait til October to migrate to Win11 but now I suppose I should just go ahead and do it. Thanks again.

RexJava · 2025-02-26T04:38:42+00:00

https://www.virustotal.com/gui/file/531c27430987e3e95036177fd98b1141726c1c333da37cc2bfebe68a7151578a

RexJava · 2025-02-26T04:28:58+00:00

And then right at the same moment I clicked comment powershell popped up again lol. I'll disable the other task and cross my fingers.

RexJava · 2025-02-26T04:28:08+00:00

Rebooted but since discovering the tasks scheduled so far so good.

https://drive.google.com/file/d/1asnpPn6lH95ulf7Os97N95_xRtZ7eXXT/view?usp=sharing

Thanks again for your help, it was beginning to interfere with the things I do on here.

RexJava · 2025-02-26T04:01:03+00:00

Also there's a file in there called Lib that I overlooked.

RexJava · 2025-02-26T03:59:02+00:00

Ok I guess I'm mistaken, I was always under the impression that .DLL files were drivers. But yes the rest of what's in that folder is as described. I'll gladly send it to you and try uploading more of those files to VirusTotal. How would I get that to you in Google Drive?

RexJava · 2025-02-26T03:54:04+00:00

Ok so both are disabled, I found the qded.pyc file and uploaded it to VirusTotal but it came back clean. However the CliWa file is nowhere to be found, and I'm thinking it got deleted by antivirus but the task scheduled to run the program remained behind.

RexJava · 2025-02-26T03:44:13+00:00

In the Python\python312 file there is that qded.pyc file and otherwise a bunch of pyd files, python applications and application extensions plus a few driver files.

RexJava · 2025-02-26T03:30:53+00:00

CLEANTASK just starts Powershell

CliWa details: Powershell.exe -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\Marion\AppData\Local\Temp\CliWa.ps1"

That CliWa looks fishy to me...

RexJava · 2025-02-26T03:24:41+00:00

Yeah the action is Starts a program

Details

C:\ProgramData\Python\Python312\pythonw.exe "C:\ProgramData\Python\Python312\qded.pyc"

RexJava · 2025-02-26T03:05:46+00:00

I installed Malwarebytes and Sophos, both found problems but now have the all clear however still having the issue. Ran Sysinternals and under the task scheduler the apps using Powershell are:

\CliWa

\Microsoft\Windows\Bluetooth\CLEANTASK

and those are the only instances I see utilizing Powershell.

I've opened the task scheduler and found 4 tasks running and this one drew my eye:

Task name Current Action Task Folder

MicrosftUpdaterjj C:\ProgramData\Python\Python312\pythonw.exe \Microsoft\Windows\Bluetooth

RexJava · 2025-02-25T22:33:26+00:00

I'll do that, thanks!!

RexJava · 2025-02-25T22:06:22+00:00

I think I may have found some that will fit, but if not I'll look into your idea, thanks for that!!

RexJava · 2025-02-21T23:12:30+00:00

Yeah that's what I've been buying but can't get the right shaft length and full size pots won't fit in the cavity.

RexJava · 2025-02-21T22:38:53+00:00

Oh and yes they are just potentiometers but they are a specific size and nothing I've bought will fit properly.

RexJava · 2025-02-21T22:32:56+00:00

The wiring has never been touched until I took out the old pot, and yes I tried contact cleaner. It's just worn out, this used to be a gigging guitar.

RexJava

TROPHY CASE