2012年7月4日星期三

reg_run.asm


;made by correy
;Email:leguanyuan@126.com
;QQ:112426112
;rc me.rc
;ml /coff test.asm /link /subsystem:windows me.res
.386
.model flat,stdcall
option casemap:none
include windows.inc
include kernel32.inc
include user32.inc
include Advapi32.inc
includelib user32.lib
includelib kernel32.lib
includelib Advapi32.lib
.data
; Initialized strings consumed by the registry calls in the code section.
; The three key paths below are per-machine autostart locations: values
; stored there are launched by Windows at logon, which is why writes to
; them are a common persistence indicator (MITRE ATT&CK T1547.001) and are
; worth alerting on in registry auditing / EDR telemetry.
correy db "correy",0                                             ; value name written under each key
h db "%d",0                                                      ; format string; not referenced by the code in this listing
path db "c:\windows\system32\cmd.exe",0                          ; value data (REG_SZ); sizeof path includes the terminating NUL
run db "SOFTWARE\Microsoft\Windows\CurrentVersion\Run",0
runonce db "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce",0
runonceEx db "SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx",0
.data?
; Uninitialized data.
ofn OPENFILENAME <>                                              ; not referenced by the code in this listing
buffer db 256 DUP (?)                                            ; not referenced by the code in this listing
var dword ?                                                      ; receives the key handle returned by RegCreateKeyEx (phkResult)
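.code
;-----------------------------------------------------------------------
; WriteAutostartValue - private helper
; ABI:   stdcall (32-bit), as set by ".model flat,stdcall"
; In:    pSubKey = address of a NUL-terminated subkey path under
;                  HKEY_LOCAL_MACHINE
; Out:   eax = Win32 error code of the first call that failed,
;              0 (ERROR_SUCCESS) when the value was written
; Uses:  the global "var" as temporary storage for the key handle
;
; Opens (or creates) the subkey, stores the REG_SZ value named by
; "correy" with the data in "path", then closes the handle.
; Changes compared with the straight-line original:
;   * the handle is closed after every write (the original leaked all
;     three handles because RegCloseKey was commented out);
;   * RegSetValueEx is skipped when the key could not be opened, so a
;     stale handle from a previous call is never reused;
;   * KEY_SET_VALUE is requested instead of KEY_ALL_ACCESS - it is the
;     only right RegSetValueEx needs.
; NOTE(review): writing under HKEY_LOCAL_MACHINE normally requires an
; elevated (administrator) token; without it the open fails and nothing
; is written.
;-----------------------------------------------------------------------
WriteAutostartValue proc pSubKey:DWORD
    invoke RegCreateKeyEx,HKEY_LOCAL_MACHINE,pSubKey,0,0,REG_OPTION_NON_VOLATILE,KEY_SET_VALUE,0,addr var,0
    test eax,eax                        ; 0 = ERROR_SUCCESS
    jnz done                            ; open failed: "var" is not a valid handle
    invoke RegSetValueEx,var,addr correy,0,REG_SZ,addr path,sizeof path
    push eax                            ; keep the write status across the close
    invoke RegCloseKey,var
    pop eax
done:
    ret
WriteAutostartValue endp

;-----------------------------------------------------------------------
; Program entry point.
; Writes the same value (name "correy", data "path") under the Run,
; RunOnce and RunOnceEx keys of HKEY_LOCAL_MACHINE, then exits with
; code 0 as the original did. Failures of individual writes are not
; reported; each key is attempted independently.
;-----------------------------------------------------------------------
start:
    invoke WriteAutostartValue,addr run
    invoke WriteAutostartValue,addr runonce
    invoke WriteAutostartValue,addr runonceEx

exit:invoke ExitProcess,NULL
end start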
