Task: {0CE88F57-BA56-46C0-91E1-D6FD764125E1} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-11] (Corel Corporation -> Corel Corporation) Task: {0FAAF9AC-E965-4CDC-8A70-95BDDB18F913} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {1323B463-6C98-44C0-96A6-A32A36C89A53} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-15] (Google Inc -> Google Inc.) Task: {1A907020-9666-4068-AB16-1306679002DA} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION Task: {1E2A1B32-EF51-46E5-98DF-3C62806803B5} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-11] (Corel Corporation -> Corel Corporation) Task: {294C58B1-9F1A-4A6E-BE72-3D3DDF3C9C82} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {2DBBA33E-2AD1-4CE1-93B4-C381FC0A88C0} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {3717B651-E22F-4725-BC11-1BA6187B2D7F} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION Task: {409F5BD5-67A1-4462-9165-6D1DC4D68E36} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {4E855516-69F8-40E7-B6A3-475839977A0C} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [33280 2017-09-29] (Microsoft Windows -> Microsoft Corporation) Task: {675412B9-8E9B-42CC-9E4D-DF6BD3B4542B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {69C239EA-21F5-49D9-BA1F-9032B125F6EF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {75B2EE99-E19E-483A-9CA7-75CFD60916B9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {8A48891D-8CD9-4625-A5DB-0DE284A2EE98} - System32\Tasks\TOSHIBA\SacReminderBOX => C:\ProgramData\Clickfree\BoxSoftware\reminder\SacReminder.exe [567120 2011-11-02] (Storage Appliance Corporation -> SAC) Task: {945FECF0-1E0D-49FD-B123-0E5CD1219BD7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {9FA05F4A-9910-4F01-89CC-9D70D5609B4C} - System32\Tasks\ArcSoft Connect => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft, Inc. -> ArcSoft Inc.) Task: {A4BF8A98-3591-4429-A4D2-28464051C51C} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {A62D6C41-6308-4D71-AA2B-932631997258} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {B3B61889-8B0F-4942-979F-B2C6D1AE0262} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION Task: {B8F79936-2DA4-4698-AD93-54646CCB92E9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {BF6A803E-75F3-4FDE-B583-149850544B32} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-11] (Corel Corporation -> Corel Corporation) Task: {C1C8E3F1-C472-4246-8B87-18A49A0D2CE8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {CFEFC93D-4490-4D14-A5B2-72349806CA11} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {D5B6827E-2A10-4C88-A432-5E0AC0DA098D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {F277B906-9AD9-483C-8A2D-E25626689B90} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION CMD: schtasks /Change /TN "Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" /Disable CMD: schtasks /Change /TN "Microsoft\Windows\Application Experience\ProgramDataUpdater" /Disable CMD: schtasks /Change /TN "Microsoft\Windows\Application Experience\StartupAppTask" /Disable CMD: schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\Consolidator" /Disable CMD: schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" /Disable CMD: schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" /Disable CMD: schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\Uploader" /Disable CMD: sc config WMPNetworkSvc start= disabled ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File FirewallRules: [TCP Query User{ED077476-74EA-43A5-9A0B-12EB003AC6E9}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe => No File FirewallRules: [UDP Query User{509832F8-03C2-4F91-9A96-F88C221929D5}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe => No File FirewallRules: [TCP Query User{95F0D941-4B11-4E66-A611-9CE67AA8C67E}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe => No File FirewallRules: [UDP Query User{D8CFBA5C-AF09-4790-8217-DFCC59FE1117}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe => No File FirewallRules: [{D9615E92-AD9B-4BA7-9369-B6CEC21C525C}] => (Allow) C:\Users\Patricia\AppData\Roaming\Zoom\bin\airhost.exe => No File Startup: C:\Users\Patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sticky Notes.lnk [2019-05-08] ShortcutTarget: Sticky Notes.lnk -> (No File) CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" Reboot: