{"id":60308,"date":"2023-08-12T16:19:22","date_gmt":"2023-08-12T10:49:22","guid":{"rendered":"http:\/\/198.58.113.91\/blog\/?p=60308"},"modified":"2024-04-08T22:13:34","modified_gmt":"2024-04-08T16:43:34","slug":"remove-ypsx_cloud-ytpx-malware","status":"publish","type":"post","link":"https:\/\/www.winhelponline.com\/blog\/remove-ypsx_cloud-ytpx-malware\/","title":{"rendered":"How to Remove the YPSX_CLOUD, Agile2.vbs, YTPX Malware"},"content":{"rendered":"<p>A new malware emerged in the 1st week of August 2023 that has infected many computers already. The origin of the malware is yet to be traced, but the malware adds six scheduled tasks, each of which runs rhc.exe, wscript.exe agile2.vbs, ytcheckts.vbs, and php.exe.<!--more--><\/p>\n<p>Here&#8217;s how to remove the infection.<\/p>\n<h2>Resolution<\/h2>\n<h3>Step 1: Run TrendMicro online scanner<\/h3>\n<p>First, run <strong>TrendMicro Online Scanner<\/strong>, as it seems to be <strong>effective<\/strong> for this malware. Please visit the following link to download the scanner.<\/p>\n<p>Free Online Virus Scan | Trend Micro: https:\/\/www.trendmicro.com\/en_in\/forHome\/products\/housecall.html<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-60372\" src=\"https:\/\/www.winhelponline.com\/blog\/wp-content\/uploads\/2023\/08\/trendmicro-yptx-malware.png\" alt=\"\" width=\"750\" height=\"460\" \/><br \/>\n(Img Src: Microsoft Answers)<\/p>\n<hr \/>\n<h3>Step 2: Remove the rogue tasks and folders<\/h3>\n<h4>Option 1: Run ypsx_remove.bat<\/h4>\n<ul>\n<li>Download <a href=\"https:\/\/www.winhelponline.com\/blog\/wp-content\/uploads\/2023\/08\/ypsx_remove.zip\">ypsx_remove.bat<\/a> (zipped) and save it to the desktop.<\/li>\n<li>Unzip the archive and extract the Batch file to the desktop.<\/li>\n<li>Right-click &#8220;<strong>ypsx_remove.bat<\/strong>&#8221; and choose <strong>Run as administrator<\/strong>.<\/li>\n<\/ul>\n<p>The batch file removes the rogue scheduled tasks and the 
folders typically added by the malware.<\/p>\n<hr \/>\n<h4>Option 2: Run the commands manually.<\/h4>\n<p>Open an <a href=\"https:\/\/www.winhelponline.com\/blog\/open-elevated-command-prompt-windows\/\" target=\"_blank\" rel=\"noopener\">admin Command Prompt<\/a> and run these commands one by one:<\/p>\n<pre class=\"cmd\">schtasks.exe \/delete \/tn \"\\WDNA\" \/f\nschtasks.exe \/delete \/tn \"\\WDNA_LG\" \/f\nschtasks.exe \/delete \/tn \"\\YTPX Cloud LG\" \/f\nschtasks.exe \/delete \/tn \"\\YTPXCheck\" \/f\nschtasks.exe \/delete \/tn \"\\YTPXCheck LG\" \/f\nschtasks.exe \/delete \/tn \"\\VSPXService\" \/f\nschtasks.exe \/delete \/tn \"\\VSPXService_LG\" \/f\nschtasks.exe \/delete \/tn \"\\WNVIDIA_FACTORY_LG\" \/f\nschtasks.exe \/delete \/tn \"\\wupdatecloud\" \/f\nschtasks.exe \/delete \/tn \"\\wupdatecloud_LG\" \/f\nschtasks.exe \/delete \/tn \"\\ServiceGPUTaskUpdate\" \/f\nschtasks.exe \/delete \/tn \"\\APTXService\" \/f\nschtasks.exe \/delete \/tn \"\\APTXService_LG\" \/f\nschtasks.exe \/delete \/tn \"\\Window Update\" \/f\ntaskkill \/f \/im php.exe\ntaskkill \/f \/im rhc.exe\nrd \/s \/q \"%AppData%\\ypsx_cloud_v2\"\nrd \/s \/q \"%AppData%\\wupdater_cloud\"\nrd \/s \/q \"%AppData%\\ContentCloud\"\nrd \/s \/q \"%LocalAppData%\\wupdater_cloud\"\nrd \/s \/q \"%LocalAppData%\\ContentCloud\"\nrd \/s \/q \"%LocalAppData%\\CDContent\"\nrd \/s \/q \"%LocalAppData%\\WDZCloud\"\nrd \/s \/q \"%LocalAppData%\\ypsx_cloud_v2\"\nrd \/s \/q \"%LocalAppData%\\updates\"\nrd \/s \/q \"%LocalAppData%\\HintonJer\"\nrd \/s \/q \"%LocalAppData%\\KbLobs\"\nrd \/s \/q \"%LocalAppData%\\wtraff_cloud\"\n\npowershell.exe -command gci $env:Appdata -filter 'rhc.exe' -depth 3\npowershell.exe -command gci $env:LocalAppdata -filter 'rhc.exe' -depth 3\n<\/pre>\n<p>The last two commands verify if the unneeded program still exists (perhaps under a different folder name) on the disk. 
If rhc.exe appears in the directory listing, delete the parent folder manually.<\/p>\n<h3>Important<\/h3>\n<p>The above Batch file removes the entries typically added by this specific malware. Your computer may be infected by a different version of this malware that uses other folder names. Following up with a manual verification using <a href=\"https:\/\/learn.microsoft.com\/en-us\/sysinternals\/downloads\/autoruns\" target=\"_blank\" rel=\"noopener\">Autoruns<\/a> or the <a href=\"https:\/\/www.winhelponline.com\/blog\/collect-diagnostic-logs-windows\/#frst\" target=\"_blank\" rel=\"noopener\">Farbar Scanner<\/a> tool is best.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A new malware emerged in the 1st week of August 2023 that has infected many computers already. The origin of the malware is yet to be traced, but the malware adds six scheduled tasks, each of which runs rhc.exe, wscript.exe agile2.vbs, ytcheckts.vbs, and php.exe.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[8,869],"tags":[191,963,581],"class_list":["post-60308","post","type-post","status-publish","format-standard","hentry","category-windows-10","category-windows-11","tag-error-messages","tag-malware","tag-task-scheduler"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.winhelponline.com\/blog\/wp-json\/wp\/v2\/posts\/60308","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.winhelponline.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.winhelponline.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.winhelponline.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.winhelponline.com\/blog\/wp-json\/wp\/v2\/comments?post=60308"}],"version-history":[{"count":0,"href":"https:\/\/www.winhelponline.com\/blog\/wp-json\/wp\/v2\/posts\/60308\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.winhelponline.com\/blog\/wp-json\/wp\/v2\/media?parent=60308"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.winhelponline.com\/blog\/wp-json\/wp\/v2\/categories?post=60308"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.winhelponline.com\/blog\/wp-json\/wp\/v2\/tags?post=60308"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}