Hi
I have install windows 7 and start my old tool this check a systemfile if protected or not
with SfcIsFileProtected.
work this not on win7?
best greets,
Windows 7 supports the function SfcIsFileProtected.
Thanks
Why works this not?
.data
szSlui db "C:\Windows\System32\calc.exe",0
.data?
hSfc dd ?
.code
start:
invoke GetModuleHandle,NULL
mov hInstance,eax
invoke LoadLibrary,CTEXT ("sfc.dll")
.if (eax)
mov hSfc,eax
invoke MessageBox,NULL,CTEXT ("Dll loaded"),NULL,MB_OK
invoke GetProcAddress,hSfc,CTEXT ("SfcIsFileProtected")
.if (eax)
push offset szCalc
push NULL
call eax
.if (eax!=0)
invoke MessageBox,NULL,CTEXT ("File is protected"),0,MB_OK
.else
invoke MessageBox,NULL,CTEXT ("File is not protected"),0,MB_OK
.endif
.endif
invoke FreeLibrary,hSfc
.endif
invoke ExitProcess,0
I could not compile your program, so I created it myself.
include \masm32\include\masm32rt.inc
include \masm32\include\sfc.inc
includelib \masm32\lib\sfc.lib
.code
start:
fn SfcIsFileProtected, 0, "kernel32.dll"
.if eax != 0
fn MessageBox, 0, "This file is protected", "SFC", MB_OK
.else
fn MessageBox, 0, "This file is not protected", "SFC", MB_OK
.endif
invoke ExitProcess, 0
end start
The filename string needs to be unicode. Changing it gives "file is protected" messagebox.
Well, I can't seem to get it to work for myself.
EDIT: Got it to work now. Thanks sinsi for catching my slip. :wink
include \masm32\include\masm32rt.inc
include \masm32\macros\ucmacros.asm
uselib sfc
.data
WSTR fileName, "C:\Windows\System32\ntdll.dll"
.code
start:
.if FUNC(SfcIsFileProtected, 0, offset fileName) != 0
fn MessageBox, 0, "This file is protected", "SFC", MB_OK
.else
fn MessageBox, 0, "This file is not protected", "SFC", MB_OK
.endif
invoke ExitProcess, 0
end start
Thanks :U