Scrooge

Thank you. Maybe this reparse something was caused by the fact that I wanted to install Keeper password manager from Windows store until I didn't because I changed my mind and then I messed it even more in Windows 'head' by trying to install its desktop version until again I didn't because I changed my mind the second time.

Hi, it's me again. Today I scanned my laptop with this Rkill, I don't know why, maybe I souldn''t have but earlier it never showed this: Performing miscellaneous checks: * Reparse Point/Junctions Found (Most likely legitimate)! * C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\INetCache\IE [Dir] I attach the Rkil log. Should I be concerned about i? I immediately scan the whole computer with EEK but nothing was found, the same with Adwcleaner Just in case FARBAR logs here: Rkill.txt FRST.txt Addition.txt EEK_scan_180717-202459.txt Now it's gone but I;m curious whta that was Rkill.txt

Thank you. btw, just deleted FRST I'm planning to buy Emsisoft 3-year license. Is there such a thing like Emsisoft life time license? Anyway, I'd like to thank you for fixing my gal friday laptop. I trully appreciate it. The topic can be closed.

Thank you Kevin. If I can ask you one more thing. I was wondering would you adise to turn on this relatively recent feature "memory integrity" in Windows Defender Seurity Center with Emsisoft being installed? I've heard that some Windows users reported significant slowdowns and a decrease in system performance after they turned it on, even without any antivirus program being installed? p.s. I just tried to delete it but it doesn't want to be deleted somehow. It says the file or folder is open in another program but I don't know where it can be opened.

Fixlog here. Fixlog.txt I also have a question. What should I do with the folder FRST on my C?. Can I delete it? Because now everytime I start the Device Performace & health section it says 1 recommendation and when I run the troubleshooting it says that SASKUTL and SASDIFSV don't have drivers, which is quite understandble. I can always dismiss it but I'd like to get rid off it. They belong to SUPERAntiSpyware software and they are not essential for Windows. I don't have it any more and I don't want it. Can I just delete FRST? p.s. I'm sorry. It doesn't show any more when I restarted my computer again without dissmissing the recommendation.

Things are running smoothly thanks to you. I really appreciate it. Thank you very much Kevin. I really don't want to put you out, you helped me a lot already, but if you just could take a look at this farbar scans of another laptop for any possible signs of malware. FRST.txt Addition.txt

Done. The fixlog is attached. Fixlog.txt

I did like you said. And I changed the EEK user interface language to English before doing that. Just in case I also generated the forensics log of that entry. Here are the files. full path to installer.dat.txt Forensics_180710-082411.txt

Here they are. I ran the fresh EEK scan first and FRST second. Forensics_180709-091807.txt FRST.txt Addition.txt

Sure, I'll do it on Monday thirst thing in the morning. Thanks a lot for your patience with me.

Yes, I think I have AdwCleaner delete this TweakBit. Sorry, I must've attached the wrong file. I just ran AdwCleaner again but there is only the scan log. AdwCleaner[S00].txt

I ran the second time. the log file of the result is attached. AdwCleaner[S00].txt

Thank you , this is the log file you requested after AdwCleaner. AdwCleaner[S00].txt

I'm sorry Kevin, you're absolutely right. I shouldn't ve done that, It won't happen again. Here is the fixlog text file the program created. I did as you instructed. I copied everything form strt to end and clicked the fixed button. And as you said I read it form the clipboard I guess because the popup said " Repair is finished, close all windows and restart uyour computer I'm sorry, you're absolutely right. I shouldn't ve done that, It won't happen again. Here is the fixlog text file the program created. I did as you instructed. I copied everything form strt to end and clicked the fixed button. And as you said I read it form the clipboard I guess because the popup said " Repair is finished, close all windows and restart your computer. After restart you won't receive any notification from this tool" I'm sorry again that I didn't follow your instructions right away. Fixlog.txt

One more thing, Should I change back the ownership of "Paths" in this location HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths from "Everyone" to "SYSTEM"?