Task: {DA068F28-DE41-45EE-B0CE-71AD07E51648} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {4487A0C9-CE2F-4E68-89F4-02EB3BA09FCC} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
CMD: mkdir  C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer
CMD: mkdir  C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot: