v2.0
Powered by

# schtasks

Can be used for privesc LOL! This article covers it pretty well.

# List scheduled tasks

...specifically that exclude Microsoft or OneDrive in the name, and also shows tasks that are not disabled:

Get-ScheduledTask | Where-Object {
    $_.TaskPath -notlike "\Microsoft*" -and
    $_.TaskName -notmatch "OneDrive" -and
    $_.State -ne 'Disabled'
} | ForEach-Object {
    $info = $_ | Get-ScheduledTaskInfo
    $definition = $_.Actions | Select-Object -ExpandProperty Execute
    [PSCustomObject]@{
        TaskName = $_.TaskName
        TaskPath = $_.TaskPath
        State    = $_.State
        RunAs    = $_.Principal.UserId
        Action   = $definition
        LastRun  = $info.LastRunTime
    }
} | Format-Table -AutoSize