HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:137 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:186 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:264 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:287 [0]
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:92 [0]
CMD: SC config DellClientManagementService start= disabled
CMD: net stop wsearch
CMD: move "%programdata%\microsoft\search\data\applications\windows\Windows.edb" "%programdata%\microsoft\search\data\applications\windows\Windows.edb.bak"
CMD: del "%programdata%\microsoft\search\data\applications\windows\Windows.edb"
CMD: net start wsearch
CMD: SFC /scannow
CMD: findstr /c:"[SR]" \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot: