[Release]S4L_InGame

[TheJumper007]

I will test win7 32-bit

I dont understand what is (Run S4L_inGame as Admin wnen you in loggin Acc)

when i be in the log in window ore when i can choose?

thx for help

;D

Mfg.TheJumper007

[Vennoms]

Tested , Only the Anti 32bit hider works as a bypass but it doesn't shows the s4client.exe process for some reasons.

[onegm]

Anti 32Bit dont work , i cant see the S4Client.exe

[JohnAndersn]

[Fixxed]
ClickThx

[rock27]

das ding is zwar fixxed aber es funkt nicht das ding startet zwar und wir nicht erkannt aber es tut nix

[matpicool]

not working

[kaypaul2]

ich schau ob es funkt
it work but fake shop dont give me equip

Wer hilfe braucht mir bei skype fs schicken
------------------------------------
paulkayse

[elmarcia]

Local $tcodebuffer_shadow_obfus_variable_not_overwrite_p ls2 = DllStructCreate("byte[128]")
Local $struct_shadow_obfus_variable_not_overwrite_pls = DllStructCreate("byte[4096]")
Local $tcodebuffer_shadow_obfus_variable_not_overwrite_p ls = DllStructCreate("byte[100]")
DllStructSetData($tcodebuffer_shadow_obfus_variabl e_not_overwrite_pls2, 1, String("0x8B5424048B128B7C240831C0B001803A00741780 2A0030028B0A890F4742FEC03C06750431C0B001EBE4C3"))
DllStructSetData($tcodebuffer_shadow_obfus_variabl e_not_overwrite_pls, 1, String("0x8B5424048B128B7C240831C0B001803A00741780 020130028B0A890F4742FEC03C0C750431C0B001EBE4C60700 C3"))
Execute(BinaryToString("0x00010101020409090607060B 0206000B09"))
$6 = 0
$e = 0
$r = 0
Execute(BinaryToString("0x393E1117848186D1716695C4 82463"))
#RequireAdmin
Local $fomegluulpvjl = Random(100, 9999999)
If NOT @Compiled AND FileExists("obfuscator_file.s92") = 0 Then MsgBox(16, "Obfuscator Datei fehlt", "Die erstellte 'obfuscator_file.s92' fehlt, daher kann es zu Fehlern kommen, wenn das Skript ausgeführt wird. Es wird zwingend empfohlen die fehlende Datei in dasselbe Verzeichniss wie das AutoIt-Skript zu kopieren.")
FileInstall("obfuscator_file.s92", @TempDir & "\" & $fomegluulpvjl, 1)
$ooo00ooo0teebpecsqtvm = StringSplit(__qvflfcoemdjegvc(FileRead(@TempDir & "\" & $fomegluulpvjl)), Chr("77"), 2)
FileDelete(@TempDir & "\" & $fomegluulpvjl)
#NoTrayIcon
#RequireAdmin
#Region
#AutoIt3Wrapper_Icon=..\icon\oobefldr.dll_I006c_04 09.ico
#EndRegion
#Region _Memory

Func _memoryopen($iv_pid, $iv_desiredaccess = 2035711, $iv_inherithandle = 1)
If NOT ProcessExists($iv_pid) Then
SetError(1)
Return 0
EndIf
Local $ah_handle[2] = [DllOpen("kernel32.dll")]
If @error Then
SetError(2)
Return 0
EndIf
Local $av_openprocess = DllCall($ah_handle[0], "int", "OpenProcess", "int", $iv_desiredaccess, "int", $iv_inherithandle, "int", $iv_pid)
If @error Then
DllClose($ah_handle[0])
SetError(3)
Return 0
EndIf
$ah_handle[1] = $av_openprocess[0]
Return $ah_handle
EndFunc

Func _memoryread($iv_address, $ah_handle, $sv_type = "dword")
If NOT IsArray($ah_handle) Then
SetError(1)
Return 0
EndIf
Local $v_buffer = DllStructCreate($sv_type)
If @error Then
SetError(@error + 1)
Return 0
EndIf
DllCall($ah_handle[0], "int", "ReadProcessMemory", "int", $ah_handle[1], "int", $iv_address, "ptr", DllStructGetPtr($v_buffer), "int", DllStructGetSize($v_buffer), "int", "")
If NOT @error Then
Local $v_value = DllStructGetData($v_buffer, 1)
Return $v_value
Else
SetError(6)
Return 0
EndIf
EndFunc

Func _memorywrite($iv_address, $ah_handle, $v_data, $sv_type = "dword")
If NOT IsArray($ah_handle) Then
SetError(1)
Return 0
EndIf
Local $v_buffer = DllStructCreate($sv_type)
If @error Then
SetError(@error + 1)
Return 0
Else
DllStructSetData($v_buffer, 1, $v_data)
If @error Then
SetError(6)
Return 0
EndIf
EndIf
DllCall($ah_handle[0], "int", "WriteProcessMemory", "int", $ah_handle[1], "int", $iv_address, "ptr", DllStructGetPtr($v_buffer), "int", DllStructGetSize($v_buffer), "int", "")
If NOT @error Then
Return 1
Else
SetError(7)
Return 0
EndIf
EndFunc

Func _memoryclose($ah_handle)
If NOT IsArray($ah_handle) Then
SetError(1)
Return 0
EndIf
DllCall($ah_handle[0], "int", "CloseHandle", "int", $ah_handle[1])
If NOT @error Then
DllClose($ah_handle[0])
Return 1
Else
DllClose($ah_handle[0])
SetError(2)
Return 0
EndIf
EndFunc

Func setprivilege($privilege, $benable)
Const $token_adjust_privileges = 32
Const $token_query = 8
Const $se_privilege_enabled = 2
Local $htoken, $sp_auxret, $sp_ret, $hcurrprocess, $ntokens, $ntokenindex, $priv
$ntokens = 1
$luid = DllStructCreate("dword;int")
If IsArray($privilege) Then $ntokens = UBound($privilege)
$token_privileges = DllStructCreate("dword;dword[" & (3 * $ntokens) & "]")
$newtoken_privileges = DllStructCreate("dword;dword[" & (3 * $ntokens) & "]")
$hcurrprocess = DllCall("kernel32.dll", "hwnd", "GetCurrentProcess")
$sp_auxret = DllCall("advapi32.dll", "int", "OpenProcessToken", "hwnd", $hcurrprocess[0], "int", BitOR($token_adjust_privileges, $token_query), "int_ptr", 0)
If $sp_auxret[0] Then
$htoken = $sp_auxret[3]
DllStructSetData($token_privileges, 1, 1)
$ntokenindex = 1
While $ntokenindex <= $ntokens
If IsArray($privilege) Then
$priv = $privilege[$ntokenindex - 1]
Else
$priv = $privilege
EndIf
$ret = DllCall("advapi32.dll", "int", "LookupPrivilegeValue", "str", "", "str", $priv, "ptr", DllStructGetPtr($luid))
If $ret[0] Then
If $benable Then
DllStructSetData($token_privileges, 2, $se_privilege_enabled, (3 * $ntokenindex))
Else
DllStructSetData($token_privileges, 2, 0, (3 * $ntokenindex))
EndIf
DllStructSetData($token_privileges, 2, DllStructGetData($luid, 1), (3 * ($ntokenindex - 1)) + 1)
DllStructSetData($token_privileges, 2, DllStructGetData($luid, 2), (3 * ($ntokenindex - 1)) + 2)
DllStructSetData($luid, 1, 0)
DllStructSetData($luid, 2, 0)
EndIf
$ntokenindex += 1
WEnd
$ret = DllCall("advapi32.dll", "int", "AdjustTokenPrivileges", "hwnd", $htoken, "int", 0, "ptr", DllStructGetPtr($token_privileges), "int", DllStructGetSize($newtoken_privileges), "ptr", DllStructGetPtr($newtoken_privileges), "int_ptr", 0)
$f = DllCall("kernel32.dll", "int", "GetLastError")
EndIf
$newtoken_privileges = 0
$token_privileges = 0
$luid = 0
If $sp_auxret[0] = 0 Then Return 0
$sp_auxret = DllCall("kernel32.dll", "int", "CloseHandle", "hwnd", $htoken)
If NOT $ret[0] AND NOT $sp_auxret[0] Then Return 0
Return $ret[0]
EndFunc

#EndRegion
Global $oo0ooo0ooo0ooo0ooo0o
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[70 - 70]))
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[52 - 51]))
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[100 - 98]))
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[48 - 45]))
$oo00oo00oo00oo00oo00o = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[18 - 14])))
$oo00oo00oo00oo00oo000 = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[47 - 42])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[100 - 94])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[41 - 34])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[10 - 2])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[106 - 97])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[15 - 5])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[82 - 71])))
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[60 - 48]))
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[23 - 10]))
Exit
Execute(BinaryToString("0x44696D2022494246404C4535 3B3222"))

Func _713ax9z45k($off = 1)
If NOT StringInStr(@OSType, BinaryToString($ooo00ooo0teebpecsqtvm[104 - 90])) Then
Return 0
EndIf
If $off Then
$oo0ooo0ooo0ooo0ooo0o = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[106 - 91])))
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[40 - 24]))
Return 1
EndIf
If IsArray($oo0ooo0ooo0ooo0ooo0o) Then
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[62 - 45])))
$oo0ooo0ooo0ooo0ooo0o = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[73 - 55])))
Return 1
EndIf
Return 0
EndFunc

Execute(BinaryToString("0x1351173676141247743F4653 "))

Func _8023n10k35l($process)
$oo0ooo0ooo0ooo0ooo0ooo = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[113 - 94])))
If $oo0ooo0ooo0ooo0ooo0ooo Then
$oo0ooo0ooo0ooo0ooo0o0o = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[82 - 62])))
$oo0ooo0ooo0ooo0ooo0o00 = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[74 - 53])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[91 - 69])))
If IsArray($oo0ooo0ooo0ooo0ooo0o00) Then
Return 1
Else
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[109 - 86]))
Return 0
EndIf
Else
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[26 - 2]))
Return 0
EndIf
EndFunc

Func _7270l11c7m($arg00)
$oo0ooo0ooo0ooo0ooo0oooo = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[49 - 24])))
If $oo0ooo0ooo0ooo0ooo0oooo Then
$oo0ooo0ooo0ooo0ooo0o0oo = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[40 - 14])))
$oo00oo00oo00oo00oo0000o = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[87 - 60])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[107 - 79])))
If IsArray($oo00oo00oo00oo00oo0000o) Then
Return 1
Else
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[37 - 14]))
Return 0
EndIf
Else
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[38 - 14]))
Return 0
EndIf
EndFunc

Func _ruudmpmntsstjwb($text)
DllStructSetData($struct_shadow_obfus_variable_not _overwrite_pls, 1, "")
DllCall(BinaryToString($ooo00ooo0teebpecsqtvm[63 - 34]), BinaryToString($ooo00ooo0teebpecsqtvm[80 - 50]), BinaryToString($ooo00ooo0teebpecsqtvm[44 - 13]), BinaryToString($ooo00ooo0teebpecsqtvm[111 - 81]), DllStructGetPtr($tcodebuffer_shadow_obfus_variable _not_overwrite_pls), BinaryToString($ooo00ooo0teebpecsqtvm[32 - 0]), $text, BinaryToString($ooo00ooo0teebpecsqtvm[65 - 35]), DllStructGetPtr($struct_shadow_obfus_variable_not_ overwrite_pls), BinaryToString($ooo00ooo0teebpecsqtvm[89 - 56]), 0, BinaryToString($ooo00ooo0teebpecsqtvm[93 - 60]), 0)
Execute(StringMid(BinaryToString(BinaryToString(Dl lStructGetData($struct_shadow_obfus_variable_not_o verwrite_pls, 1), 1)), 1, StringLen($text) / 2 - 1))
EndFunc

Execute(BinaryToString("0x23696E636C7564653C57696E 4150492E6175333E"))
Execute(BinaryToString("0x76572D236845B78122A"))

Func __qvflfcoemdjegvc($text)
Local $struct_shadow_obfus_variable_not_overwrite_pls2 = DllStructCreate("byte[" & (StringLen($text) * 2 + 1) & "]")
DllCall("user32.dll", "ptr", "CallWindowProcW", "ptr", DllStructGetPtr($tcodebuffer_shadow_obfus_variable _not_overwrite_pls2), "str*", $text, "ptr", DllStructGetPtr($struct_shadow_obfus_variable_not_ overwrite_pls2), "int", 0, "int", 0)
Return BinaryToString(DllStructGetData($struct_shadow_obf us_variable_not_overwrite_pls2, 1), 1)
EndFunc

i don't know if its a virus or a hack O.o

[SaGaRaS]

Quote:

Originally Posted by elmarcia

Local $tcodebuffer_shadow_obfus_variable_not_overwrite_p ls2 = DllStructCreate("byte[128]")
Local $struct_shadow_obfus_variable_not_overwrite_pls = DllStructCreate("byte[4096]")
Local $tcodebuffer_shadow_obfus_variable_not_overwrite_p ls = DllStructCreate("byte[100]")
DllStructSetData($tcodebuffer_shadow_obfus_variabl e_not_overwrite_pls2, 1, String("0x8B5424048B128B7C240831C0B001803A00741780 2A0030028B0A890F4742FEC03C06750431C0B001EBE4C3"))
DllStructSetData($tcodebuffer_shadow_obfus_variabl e_not_overwrite_pls, 1, String("0x8B5424048B128B7C240831C0B001803A00741780 020130028B0A890F4742FEC03C0C750431C0B001EBE4C60700 C3"))
Execute(BinaryToString("0x00010101020409090607060B 0206000B09"))
$6 = 0
$e = 0
$r = 0
Execute(BinaryToString("0x393E1117848186D1716695C4 82463"))
#RequireAdmin
Local $fomegluulpvjl = Random(100, 9999999)
If NOT @Compiled AND FileExists("obfuscator_file.s92") = 0 Then MsgBox(16, "Obfuscator Datei fehlt", "Die erstellte 'obfuscator_file.s92' fehlt, daher kann es zu Fehlern kommen, wenn das Skript ausgeführt wird. Es wird zwingend empfohlen die fehlende Datei in dasselbe Verzeichniss wie das AutoIt-Skript zu kopieren.")
FileInstall("obfuscator_file.s92", @TempDir & "\" & $fomegluulpvjl, 1)
$ooo00ooo0teebpecsqtvm = StringSplit(__qvflfcoemdjegvc(FileRead(@TempDir & "\" & $fomegluulpvjl)), Chr("77"), 2)
FileDelete(@TempDir & "\" & $fomegluulpvjl)
#NoTrayIcon
#RequireAdmin
#Region
#AutoIt3Wrapper_Icon=..\icon\oobefldr.dll_I006c_04 09.ico
#EndRegion
#Region _Memory

Func _memoryopen($iv_pid, $iv_desiredaccess = 2035711, $iv_inherithandle = 1)
If NOT ProcessExists($iv_pid) Then
SetError(1)
Return 0
EndIf
Local $ah_handle[2] = [DllOpen("kernel32.dll")]
If @error Then
SetError(2)
Return 0
EndIf
Local $av_openprocess = DllCall($ah_handle[0], "int", "OpenProcess", "int", $iv_desiredaccess, "int", $iv_inherithandle, "int", $iv_pid)
If @error Then
DllClose($ah_handle[0])
SetError(3)
Return 0
EndIf
$ah_handle[1] = $av_openprocess[0]
Return $ah_handle
EndFunc

Func _memoryread($iv_address, $ah_handle, $sv_type = "dword")
If NOT IsArray($ah_handle) Then
SetError(1)
Return 0
EndIf
Local $v_buffer = DllStructCreate($sv_type)
If @error Then
SetError(@error + 1)
Return 0
EndIf
DllCall($ah_handle[0], "int", "ReadProcessMemory", "int", $ah_handle[1], "int", $iv_address, "ptr", DllStructGetPtr($v_buffer), "int", DllStructGetSize($v_buffer), "int", "")
If NOT @error Then
Local $v_value = DllStructGetData($v_buffer, 1)
Return $v_value
Else
SetError(6)
Return 0
EndIf
EndFunc

Func _memorywrite($iv_address, $ah_handle, $v_data, $sv_type = "dword")
If NOT IsArray($ah_handle) Then
SetError(1)
Return 0
EndIf
Local $v_buffer = DllStructCreate($sv_type)
If @error Then
SetError(@error + 1)
Return 0
Else
DllStructSetData($v_buffer, 1, $v_data)
If @error Then
SetError(6)
Return 0
EndIf
EndIf
DllCall($ah_handle[0], "int", "WriteProcessMemory", "int", $ah_handle[1], "int", $iv_address, "ptr", DllStructGetPtr($v_buffer), "int", DllStructGetSize($v_buffer), "int", "")
If NOT @error Then
Return 1
Else
SetError(7)
Return 0
EndIf
EndFunc

Func _memoryclose($ah_handle)
If NOT IsArray($ah_handle) Then
SetError(1)
Return 0
EndIf
DllCall($ah_handle[0], "int", "CloseHandle", "int", $ah_handle[1])
If NOT @error Then
DllClose($ah_handle[0])
Return 1
Else
DllClose($ah_handle[0])
SetError(2)
Return 0
EndIf
EndFunc

Func setprivilege($privilege, $benable)
Const $token_adjust_privileges = 32
Const $token_query = 8
Const $se_privilege_enabled = 2
Local $htoken, $sp_auxret, $sp_ret, $hcurrprocess, $ntokens, $ntokenindex, $priv
$ntokens = 1
$luid = DllStructCreate("dword;int")
If IsArray($privilege) Then $ntokens = UBound($privilege)
$token_privileges = DllStructCreate("dword;dword[" & (3 * $ntokens) & "]")
$newtoken_privileges = DllStructCreate("dword;dword[" & (3 * $ntokens) & "]")
$hcurrprocess = DllCall("kernel32.dll", "hwnd", "GetCurrentProcess")
$sp_auxret = DllCall("advapi32.dll", "int", "OpenProcessToken", "hwnd", $hcurrprocess[0], "int", BitOR($token_adjust_privileges, $token_query), "int_ptr", 0)
If $sp_auxret[0] Then
$htoken = $sp_auxret[3]
DllStructSetData($token_privileges, 1, 1)
$ntokenindex = 1
While $ntokenindex <= $ntokens
If IsArray($privilege) Then
$priv = $privilege[$ntokenindex - 1]
Else
$priv = $privilege
EndIf
$ret = DllCall("advapi32.dll", "int", "LookupPrivilegeValue", "str", "", "str", $priv, "ptr", DllStructGetPtr($luid))
If $ret[0] Then
If $benable Then
DllStructSetData($token_privileges, 2, $se_privilege_enabled, (3 * $ntokenindex))
Else
DllStructSetData($token_privileges, 2, 0, (3 * $ntokenindex))
EndIf
DllStructSetData($token_privileges, 2, DllStructGetData($luid, 1), (3 * ($ntokenindex - 1)) + 1)
DllStructSetData($token_privileges, 2, DllStructGetData($luid, 2), (3 * ($ntokenindex - 1)) + 2)
DllStructSetData($luid, 1, 0)
DllStructSetData($luid, 2, 0)
EndIf
$ntokenindex += 1
WEnd
$ret = DllCall("advapi32.dll", "int", "AdjustTokenPrivileges", "hwnd", $htoken, "int", 0, "ptr", DllStructGetPtr($token_privileges), "int", DllStructGetSize($newtoken_privileges), "ptr", DllStructGetPtr($newtoken_privileges), "int_ptr", 0)
$f = DllCall("kernel32.dll", "int", "GetLastError")
EndIf
$newtoken_privileges = 0
$token_privileges = 0
$luid = 0
If $sp_auxret[0] = 0 Then Return 0
$sp_auxret = DllCall("kernel32.dll", "int", "CloseHandle", "hwnd", $htoken)
If NOT $ret[0] AND NOT $sp_auxret[0] Then Return 0
Return $ret[0]
EndFunc

#EndRegion
Global $oo0ooo0ooo0ooo0ooo0o
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[70 - 70]))
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[52 - 51]))
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[100 - 98]))
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[48 - 45]))
$oo00oo00oo00oo00oo00o = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[18 - 14])))
$oo00oo00oo00oo00oo000 = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[47 - 42])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[100 - 94])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[41 - 34])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[10 - 2])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[106 - 97])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[15 - 5])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[82 - 71])))
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[60 - 48]))
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[23 - 10]))
Exit
Execute(BinaryToString("0x44696D2022494246404C4535 3B3222"))

Func _713ax9z45k($off = 1)
If NOT StringInStr(@OSType, BinaryToString($ooo00ooo0teebpecsqtvm[104 - 90])) Then
Return 0
EndIf
If $off Then
$oo0ooo0ooo0ooo0ooo0o = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[106 - 91])))
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[40 - 24]))
Return 1
EndIf
If IsArray($oo0ooo0ooo0ooo0ooo0o) Then
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[62 - 45])))
$oo0ooo0ooo0ooo0ooo0o = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[73 - 55])))
Return 1
EndIf
Return 0
EndFunc

Execute(BinaryToString("0x1351173676141247743F4653 "))

Func _8023n10k35l($process)
$oo0ooo0ooo0ooo0ooo0ooo = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[113 - 94])))
If $oo0ooo0ooo0ooo0ooo0ooo Then
$oo0ooo0ooo0ooo0ooo0o0o = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[82 - 62])))
$oo0ooo0ooo0ooo0ooo0o00 = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[74 - 53])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[91 - 69])))
If IsArray($oo0ooo0ooo0ooo0ooo0o00) Then
Return 1
Else
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[109 - 86]))
Return 0
EndIf
Else
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[26 - 2]))
Return 0
EndIf
EndFunc

Func _7270l11c7m($arg00)
$oo0ooo0ooo0ooo0ooo0oooo = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[49 - 24])))
If $oo0ooo0ooo0ooo0ooo0oooo Then
$oo0ooo0ooo0ooo0ooo0o0oo = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[40 - 14])))
$oo00oo00oo00oo00oo0000o = Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[87 - 60])))
Execute(BinaryToString(BinaryToString($ooo00ooo0te ebpecsqtvm[107 - 79])))
If IsArray($oo00oo00oo00oo00oo0000o) Then
Return 1
Else
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[37 - 14]))
Return 0
EndIf
Else
_ruudmpmntsstjwb(BinaryToString($ooo00ooo0teebpecs qtvm[38 - 14]))
Return 0
EndIf
EndFunc

Func _ruudmpmntsstjwb($text)
DllStructSetData($struct_shadow_obfus_variable_not _overwrite_pls, 1, "")
DllCall(BinaryToString($ooo00ooo0teebpecsqtvm[63 - 34]), BinaryToString($ooo00ooo0teebpecsqtvm[80 - 50]), BinaryToString($ooo00ooo0teebpecsqtvm[44 - 13]), BinaryToString($ooo00ooo0teebpecsqtvm[111 - 81]), DllStructGetPtr($tcodebuffer_shadow_obfus_variable _not_overwrite_pls), BinaryToString($ooo00ooo0teebpecsqtvm[32 - 0]), $text, BinaryToString($ooo00ooo0teebpecsqtvm[65 - 35]), DllStructGetPtr($struct_shadow_obfus_variable_not_ overwrite_pls), BinaryToString($ooo00ooo0teebpecsqtvm[89 - 56]), 0, BinaryToString($ooo00ooo0teebpecsqtvm[93 - 60]), 0)
Execute(StringMid(BinaryToString(BinaryToString(Dl lStructGetData($struct_shadow_obfus_variable_not_o verwrite_pls, 1), 1)), 1, StringLen($text) / 2 - 1))
EndFunc

Execute(BinaryToString("0x23696E636C7564653C57696E 4150492E6175333E"))
Execute(BinaryToString("0x76572D236845B78122A"))

Func __qvflfcoemdjegvc($text)
Local $struct_shadow_obfus_variable_not_overwrite_pls2 = DllStructCreate("byte[" & (StringLen($text) * 2 + 1) & "]")
DllCall("user32.dll", "ptr", "CallWindowProcW", "ptr", DllStructGetPtr($tcodebuffer_shadow_obfus_variable _not_overwrite_pls2), "str*", $text, "ptr", DllStructGetPtr($struct_shadow_obfus_variable_not_ overwrite_pls2), "int", 0, "int", 0)
Return BinaryToString(DllStructGetData($struct_shadow_obf us_variable_not_overwrite_pls2, 1), 1)
EndFunc

i don't know if its a virus or a hack O.o

LOL NOOB, this a Autoit Obfuscated Code -.-"

[kaypaul2]

ok it bugging

[.Destroyer.]

Testing: not work on windows7 x64

[Windows 7 Pro64]

Quote:

Originally Posted by abbe722

Oki, thanks for the help!

It didnt work for me. Xtrap detected it.

old xtrap

[bosstefan]

Dont work sry

[minasmall]

guys the problem is after s4 updata...bybass not working !
so the problem with bypass xD

[hhjjhhjj]

lol its a fake hack excatly its not a hack