amert.exe "C:\Users\test22\AppData\Local\Temp\1000054001\amert.exe"
2508chrome.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
2816chrome.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\test22\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\test22\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\test22\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=86.0.4240.111 --initial-client-data=0xb0,0xb4,0xb8,0x84,0xbc,0x7fef37c6e00,0x7fef37c6e10,0x7fef37c6e20
2904schtasks.exe schtasks /create /f /RU "test22" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 HR" /sc HOURLY /rl HIGHEST
1676schtasks.exe schtasks /create /f /RU "test22" /tr "C:\ProgramData\MPGPH131\MPGPH131.exe" /tn "MPGPH131 LG" /sc ONLOGON /rl HIGHEST
880rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
2100rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Roaming\a091ec0a6e2227\cred64.dll, Main
2236netsh.exe netsh wlan show profiles
2540powershell.exe powershell -Command Compress-Archive -Path 'C:\Users\test22\AppData\Local\Temp\_Files_\' -DestinationPath 'C:\Users\test22\AppData\Local\Temp\832866432405_Desktop.zip' -CompressionLevel Optimal
2728rundll32.exe "C:\Windows\System32\rundll32.exe" C:\Users\test22\AppData\Roaming\a091ec0a6e2227\clip64.dll, Main
2480explorer.exe C:\Windows\Explorer.EXE
1236