
IsUserAnAdmin replacement

'ADVAPI32
Private Declare Function CheckTokenMembership Lib "ADVAPI32" (ByVal TokenHandle As Long, ByVal pSidToCheck As Long, ByRef IsMember As Boolean) As Long
' Same export, but with IsMember bound to a 4-byte Long: the API writes a 32-bit BOOL,
' which does not fit a 2-byte VB Boolean and arrives as 1 rather than VB's True (-1).
Private Declare Function CheckTokenMembershipL Lib "ADVAPI32" Alias "CheckTokenMembership" (ByVal TokenHandle As Long, ByVal pSidToCheck As Long, ByRef IsMember As Long) As Long

'---------------------------------------------------------------------------------------
' Procedure : IsUserAnAdmin
' Author    : Karcrack
' Date      : 300710
' Purpose   : Check whether the calling token is a member of the local Administrators group (S-1-5-32-544)
' TestedOn  : Windows XP SP3
'---------------------------------------------------------------------------------------
'
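Private Function IsUserAnAdmin() As Boolean
    ' Returns True when the calling thread's impersonation token (or, when the thread
    ' is not impersonating, the process token - that is what TokenHandle = 0 means to
    ' CheckTokenMembership) holds the BUILTIN\Administrators group as an enabled group.
    ' Returns False on any API failure.
    Dim SID(1)      As Currency
    Dim lIsMember   As Long

    ' Hard-coded S-1-5-32-544 packed into two 64-bit Currency slots. Currency is a
    ' 64-bit integer scaled by 10000, so value * 10000 gives the raw little-endian bytes:
    '   SID(0) -> 01 02 00 00 00 00 00 05 : Revision 1, 2 sub-authorities, NT authority (5)
    '   SID(1) -> 20 00 00 00 20 02 00 00 : sub-authorities 32 (BUILTIN) and 544 (Administrators)
    SID(0) = 36028797018964.0193@: SID(1) = 233646220.9056@

    ' The API writes a 4-byte BOOL through the pointer, so the receiver must be a Long:
    ' a VB Boolean is 2 bytes (the extra bytes would land past it) and would also read
    ' back as 1, which is not equal to VB's True (-1).
    If CheckTokenMembershipL(0, VarPtr(SID(0)), lIsMember) <> 0 Then
        IsUserAnAdmin = (lIsMember <> 0)
    End If

    ' NOTE(review): on Vista and later with UAC, a non-elevated administrator's
    ' filtered token carries Administrators as a deny-only group, so this reports
    ' False until the process is elevated. The header only claims XP SP3 testing.
End Function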

More info


GetProcessTimes Alternative

Option Explicit

' Output buffer of NtQueryInformationProcess(ProcessTimes). Each field is a 64-bit
' LARGE_INTEGER held in a Currency (VB's 8-byte integer-backed type; multiply by
' 10000 to recover the raw 64-bit value). Field order and size (4 x 8 = 32 bytes,
' no padding) mirror the native structure and must not be changed.
Public Type KERNEL_USER_TIMES
    liCreateTime            As Currency 'LARGE_INTEGER - creation time, per the field name
    liExitTime              As Currency 'LARGE_INTEGER - exit time, per the field name
    liKernelTime            As Currency 'LARGE_INTEGER - kernel-mode time, per the field name
    liUserTime              As Currency 'LARGE_INTEGER - user-mode time, per the field name
End Type

'NTDLL
Private Declare Function NtQueryInformationProcess Lib "NTDLL" (ByVal ProcessHandle As Long, ByVal ProcessInformationClass As Long, ByVal ProcessInformation As Long, ByVal ProcessInformationLength As Long, ReturnLength As Long) As Long

' PROCESSINFOCLASS value handed to NtQueryInformationProcess to request a KERNEL_USER_TIMES.
Private Const ProcessTimes  As Long = &H4
' Handle value for the calling process: the -1 pseudo-handle convention of GetCurrentProcess.
Public Const CurrentProcess As Long = -1

'---------------------------------------------------------------------------------------
' Procedure : GetProcessTimes
' Author    : Karcrack
' Date      : 290710
' Purpose   : Get some Process Time Info... like when it was created...
'---------------------------------------------------------------------------------------
'
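Public Function GetProcessTimes(ByVal hProc As Long, Optional ByRef lStatus As Long) As KERNEL_USER_TIMES
    ' Queries NtQueryInformationProcess(ProcessTimes) for hProc and returns the
    ' KERNEL_USER_TIMES the kernel fills in (four 64-bit LARGE_INTEGERs in Currency
    ' fields; multiply by 10000 for the raw value - presumably FILETIME-style
    ' 100 ns ticks like the documented GetProcessTimes, confirm before converting).
    '
    ' hProc   : process handle, or CurrentProcess (-1) for the calling process.
    ' lStatus : receives the NTSTATUS of the call (0 = STATUS_SUCCESS). On failure
    '           (bad handle, missing PROCESS_QUERY_INFORMATION access, ...) every
    '           field of the result is zero, which is indistinguishable from a real
    '           value without this out-parameter - callers should check it.
    '
    ' NtQueryInformationProcess is an undocumented NTDLL export; the supported
    ' equivalent is KERNEL32!GetProcessTimes.
    ' &H20 = LenB(KERNEL_USER_TIMES): four 8-byte fields, no padding. ReturnLength
    ' is optional, hence the NULL pointer passed ByVal.
    lStatus = NtQueryInformationProcess(hProc, ProcessTimes, VarPtr(GetProcessTimes), &H20, ByVal 0&)
End Function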

RtlMoveMemory/vbaCopyBytes replacement

Option Explicit
Option Base 0
'---------------------------------------------------------------------------------------
' Module    : mCopyMemoryASM
' Author    : Karcrack
' Date      : 280710
' Purpose   : A kewl RtlMoveMemory/CopyMemory replacement using ASM :)
'---------------------------------------------------------------------------------------

'USER32
Private Declare Function CallWindowProcW Lib "USER32" (ByVal lpCodePointer As Long, Optional ByVal l1 As Long, Optional ByVal l2 As Long, Optional ByVal l3 As Long, Optional ByVal l4 As Long) As Long

Private bvCode(20)      As Byte     ' 21-byte x86 stub; filled in by ASM_Initialize
' Stub body (32-bit x86, stdcall). CallWindowProcW invokes it as f(Destination, Source,
' Length, 0), so after the two PUSHes the arguments sit at ESP+0C / +10 / +14:
'{
'    PUSH ESI
'    PUSH EDI
'    MOV EDI,DWORD PTR SS:[ESP+C]      ; Destination
'    MOV ESI,DWORD PTR SS:[ESP+10]     ; Source
'    MOV ECX,DWORD PTR SS:[ESP+14]     ; Length, in bytes
'    REP MOVS BYTE PTR ES:[EDI],BYTE PTR DS:[ESI]   ; forward byte copy (memcpy, not overlap-safe)
'    POP EDI
'    POP ESI
'    RETN 10                           ; stdcall: pop the four DWORD arguments
'}
' NOTE(review): the stub is executed straight out of this data array. On a process
' where DEP/NX is enforced the page is not executable and CallWindowProcW faults;
' it would need VirtualProtect(PAGE_EXECUTE_READWRITE) or an executable allocation.
Private bInitialized    As Boolean  ' set by ASM_Initialize; ASM_CopyMemory is a no-op until then

Public Function ASM_Initialize() As Boolean
    ' Loads the x86 copy stub into bvCode and marks the module ready.
    ' Returns True on success; a runtime error during the fill yields False and
    ' leaves bInitialized as it was. Calling it again simply rewrites the bytes.
    On Error GoTo Initialize_Error
    Dim vOpcodes    As Variant
    Dim lIdx        As Long

    ' Opcode bytes for the stub documented above (PUSH/MOV/REP MOVSB/POP/RETN 10);
    ' the trailing &H0 pads the 21-byte array.
    vOpcodes = Array(&H56, &H57, &H8B, &H7C, &H24, &HC, &H8B, &H74, &H24, &H10, &H8B, &H4C, &H24, &H14, &HF3, &HA4, &H5F, &H5E, &HC2, &H10, &H0)

    For lIdx = LBound(vOpcodes) To UBound(vOpcodes)
        bvCode(lIdx) = CByte(vOpcodes(lIdx))
    Next lIdx

    bInitialized = True
    ASM_Initialize = True

    On Error GoTo 0
    Exit Function
Initialize_Error:
    ASM_Initialize = False
End Function

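Public Sub ASM_CopyMemory(ByVal Source As Long, ByVal Destination As Long, ByVal Length As Long)
    ' Copies Length bytes from address Source to address Destination by jumping
    ' into bvCode through CallWindowProcW, which calls the stub stdcall-style as
    ' (Destination, Source, Length, 0); the stub's RETN 10 removes those arguments.
    '
    ' Silently does nothing until ASM_Initialize has succeeded (bInitialized).
    ' The stub is a plain forward REP MOVSB, i.e. memcpy rather than memmove:
    ' overlapping ranges with Destination above Source are NOT copied correctly,
    ' unlike the RtlMoveMemory this module replaces. It also relies on the
    ' direction flag being clear, which the Win32 ABI guarantees at call boundaries.
    '
    ' NOTE(review): bvCode is ordinary data; where DEP/NX is enforced the call faults
    ' unless the page has been made executable.
    If Not bInitialized Then Exit Sub

    ' ECX is loaded straight from Length, so a negative value would be treated as an
    ' unsigned count of up to 4 GB and run off the end of both buffers - reject it.
    ' Length = 0 is harmless (REP with ECX = 0 copies nothing) but is skipped too.
    If Length <= 0 Then Exit Sub

    Call CallWindowProcW(VarPtr(bvCode(0)), Destination, Source, Length)
End Sub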

'PutMem4 Wrapper
Public Sub ASM_PutMem4(ByVal lLong As Long, ByVal Destination As Long)
    ' Writes the four bytes of lLong to the address Destination (PutMem4 equivalent).
    ' lLong is a ByVal copy, so VarPtr(lLong) is a valid local address to copy from.
    ASM_CopyMemory VarPtr(lLong), Destination, 4
End Sub

'GetMem4 Wrapper
Public Function ASM_GetMem4(ByVal Source As Long) As Long
    ' Reads the four bytes at address Source and returns them as a Long
    ' (GetMem4 equivalent). Returns 0 if the copy routine is not initialised.
    Dim lValue As Long
    ASM_CopyMemory Source, VarPtr(lValue), 4
    ASM_GetMem4 = lValue
End Function

Sample:

Private Sub Form_Load()
    ' Smoke test for mCopyMemoryASM: copies a Long, round-trips it through
    ' PutMem4/GetMem4, then duplicates a string buffer byte-for-byte.
    Dim lSrc        As Long
    Dim lDst        As Long
    Dim sSrc        As String
    Dim sDst        As String

    If Not ASM_Initialize Then Exit Sub

    lSrc = &H1337
    ASM_CopyMemory VarPtr(lSrc), VarPtr(lDst), 4
    Debug.Print Hex$(lSrc), Hex$(lDst)

    lDst = 0
    ASM_PutMem4 lSrc, VarPtr(lDst)
    Debug.Print Hex$(ASM_GetMem4(VarPtr(lSrc)))
    Debug.Print Hex$(lSrc), Hex$(lDst)

    sSrc = "KARCRACK_ES_GUAY!!!!!!!"
    sDst = Space$(Len(sSrc))    ' same character count, so LenB(sSrc) bytes fit
    ASM_CopyMemory StrPtr(sSrc), StrPtr(sDst), LenB(sSrc)
    Debug.Print sSrc
    Debug.Print sDst
End Sub

Summer Slaughter 2010 !!!!

I'm a happy mofucka!!!! Yeah, some good bands are in town =D
