Suspicious Scheduled Task Name As GUID

Sigma Rules

Summary
This detection rule identifies the creation of Windows scheduled tasks whose task names are GUID-like. Scheduled tasks are commonly abused by attackers to establish persistence on compromised systems, and a task named in GUID format blends in with legitimate system tasks and is easily overlooked by administrators. The rule monitors task creation through the 'schtasks.exe' program and filters the command line for patterns characteristic of GUID naming. Detection occurs when the command line contains the GUID-related patterns both at the beginning and at the end of the task name, indicating that a potentially malicious scheduled task is being configured. Given the risk such tasks present, monitoring for this behavior is a critical component of maintaining system integrity.
Categories
  • Windows
  • Cloud
  • Infrastructure
Data Sources
  • Process
Created: 2022-10-31
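As an added example (not the Sigma rule's own logic and not part of this catalogue page), the following script applies the detection described in the summary to a few constructed process-creation events. The event field names Image and CommandLine, the /create and /tn switch handling and the GUID regular expression are assumptions made for the example.

```python
import re

# Assumed GUID task-name pattern: a /tn switch whose value (optionally
# prefixed with a task folder path) is a brace-enclosed GUID, e.g.
# /tn "{3B5E0C3F-1A2B-4C5D-8E9F-0A1B2C3D4E5F}". The braces are the
# "beginning" and "end" patterns the summary refers to.
GUID_TASK_NAME = re.compile(
    r'/tn\s+"?(?:[^"\s]*\\)?'
    r'\{[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\}"?',
    re.IGNORECASE,
)


def is_suspicious_schtasks(image: str, command_line: str) -> bool:
    """Return True when schtasks.exe creates a task with a GUID-like name."""
    img = image.lower()
    if not (img == "schtasks.exe" or img.endswith("\\schtasks.exe")):
        return False                       # only schtasks.exe process creations
    if "/create" not in command_line.lower():
        return False                       # task creation only, not /delete, /query, ...
    return GUID_TASK_NAME.search(command_line) is not None


# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    {"id": 1, "Image": "C:\\Windows\\System32\\schtasks.exe",
     "CommandLine": 'schtasks.exe /create /tn "{3B5E0C3F-1A2B-4C5D-8E9F-0A1B2C3D4E5F}"'
                    ' /tr "C:\\Users\\Public\\update.exe" /sc onlogon'},
    {"id": 2, "Image": "C:\\Windows\\System32\\schtasks.exe",
     "CommandLine": 'schtasks /Create /SC DAILY /TN'
                    ' "\\Microsoft\\Windows\\{7D1E2F3A-4B5C-4D6E-9F80-112233445566}" /TR cmd.exe'},
    {"id": 3, "Image": "C:\\Windows\\System32\\schtasks.exe",
     "CommandLine": 'schtasks /create /tn "NightlyBackup" /tr backup.bat /sc daily'},
    {"id": 4, "Image": "C:\\Windows\\System32\\schtasks.exe",
     "CommandLine": 'schtasks /delete /tn "{3B5E0C3F-1A2B-4C5D-8E9F-0A1B2C3D4E5F}" /f'},
    {"id": 5, "Image": "C:\\Windows\\System32\\cmd.exe",
     "CommandLine": 'cmd.exe /c echo {3B5E0C3F-1A2B-4C5D-8E9F-0A1B2C3D4E5F}'},
]


def scan(events):
    """Return the ids of events that match the detection."""
    return [e["id"] for e in events
            if is_suspicious_schtasks(e["Image"], e["CommandLine"])]


if __name__ == "__main__":
    print("alerts:", scan(SAMPLE_EVENTS))   # events 1 and 2 match
```

Only a /create from schtasks.exe with a brace-enclosed GUID task name alerts; a GUID appearing elsewhere on the command line, or in a /delete, does not.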