Unconfigured Ad Widget

Collapse

Anúncio

Collapse
No announcement yet.

[SRC] Anti maquinas virtuais

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Tempo
  • Show
Clear All
new posts
Anterior template Avançar
  • Font Size
    #1

    Dica [SRC] Anti maquinas virtuais

    Código:
    //Unit : ANTIS.
//Fecha : 04.04.2012
//Creditos : Cobein
//Descripcion : Detecta [VirtualPC / VMWare / VirtualBox]
// Detecta [Sandboxie / ThreatExpert / Anubis / CWSandbox / JoeBox]
//Uso : Anti_End;
//************************************************** ****************************
unit ANTIS;
//************************************************** ****************************
//DECLARACION DE CLASES
//************************************************** ****************************
interface
uses
Windows, ShlObj, Messages, SysUtils;
//************************************************** ****************************
//DECLARACION DE FUNCIONES / PROCEDIMIENTOS
//************************************************** ****************************
function InStr(iStart: Integer; sSource: String; sSourceToFind: String): Integer;
function TrimA(sCadena: String): String;
function IsVirtualPCPresent: Bool;
function IsInSandbox: Bool;
function Anti_End: Bool;
//************************************************** ****************************
//FUNCIONES / PROCEDIMIENTOS
//************************************************** ****************************
implementation
//************************************************** ****************************
//<--- MAQUINAS VIRTUALES [VirtualPC / VMWare / VirtualBox] --->
//************************************************** ****************************
function IsVirtualPCPresent: Bool;
const
sArrVM :array[0..2] of string = ('VIRTUAL','VMWARE','VBOX');
var
hlKey :HKEY;
sBuffer :String;
i :Integer;
iRegType :Integer;
iDataSize :Integer;
begin
IsVirtualPCPresent := False;
iRegType := 1;

if RegOpenKeyEx($80000002, Pchar('SYSTEM\ControlSet001\Services\Disk\Enum'), 0, $20019, hlKey) = 0 then
if RegQueryValueEx(hlKey, '0', 0, @iRegType, nil, @iDataSize) = 0 then
SetLength(sBuffer, iDataSize);
RegQueryValueEx(hlKey, '0', 0, @iRegType, PByte(PChar(sBuffer)), @iDataSize);

for I := 0 to 2 do
if InStr(1, TrimA(sBuffer), sArrVM[i]) > 0 then
IsVirtualPCPresent := True;


RegCloseKey(hlKey);
end;
//************************************************** ****************************
//<--- SANDBOX [Sandboxie / ThreatExpert / Anubis / CWSandbox / JoeBox] --->
//************************************************** ****************************
function IsInSandbox: Bool;
const
sArrSB :array[0..2] of string = ('76487-337-8429955-22614',
'76487-644-3177037-23510',
'55274-640-2673064-23950');
sArrDll :array[0..1] of string = ('sbiedll.dll', 'dbghelp.dll');
var
hlKey :HKEY;
sBuffer :String;
i :Integer;
hDll :Integer;
iRegType :Integer;
iDataSize :Integer;
hSnapShot :Integer;
begin
IsInSandbox := False;
iRegType := 1;

hDll := LoadLibrary(PChar(sArrDll[0]));

if hDll <> 0 then
IsInSandbox := True;

FreeLibrary(hDll);

hDll := LoadLibrary(PChar(sArrDll[1]));

if hDll <> 0 then
IsInSandbox := True;

FreeLibrary(hDll);

if RegOpenKeyEx($80000002, Pchar('Software\Microsoft\Windows\CurrentVersion') , 0, $20019, hlKey) = 0 then
if RegQueryValueEx(hlKey, 'ProductId', 0, @iRegType, nil, @iDataSize) = 0 then
SetLength(sBuffer, iDataSize);
RegQueryValueEx(hlKey, 'ProductId', 0, @iRegType, PByte(PChar(sBuffer)), @iDataSize);

for I := 0 to 2 do
if InStr(1, TrimA(sBuffer), sArrSB[i]) > 0 then
IsInSandbox := True;

RegCloseKey(hlKey);
end;
//************************************************** ****************************
//<--- BUSCA CADENA DENTRO DE OTRA CADENA --->
//************************************************** ****************************
function InStr(iStart: Integer; sSource: String; sSourceToFind: String): integer;
begin
Result := Pos(sSourceToFind, Copy(sSource, iStart, Length(sSource) - (iStart - 1)));
end;
//************************************************** ****************************
//<--- ELIMINA LOS ESPACIOS DE UNA CADENA --->
//************************************************** ****************************
function TrimA(sCadena: String): String;
begin
Result := '';

if sCadena = '' then Exit;

while sCadena[1] = ' ' do
begin
Delete(sCadena, 1, 1);
if sCadena='' then Exit;
end;

while sCadena[Length(sCadena)] = ' ' do
begin
Delete(sCadena,Length(sCadena),1);
if sCadena = '' then Exit;
end;

Result := sCadena;
end;
//************************************************** ****************************
//<--- CIERRA EL EJECUTABLE EN CASO DE TRUE --->
//************************************************** ****************************
function Anti_End: Bool;
begin
Anti_End := False;

if IsVirtualPCPresent = True or IsInSandbox = True then
ExitProcess(0);
end;

end.
    É meu fã? Use minha fan bar
    Similar Threads
    Tags: anti, anubis, array, busca, code, expert, maquinas, microsoft, software, string, system, uso, virtualbox, vmware
    • Top
Anterior template Avançar
X
Working...
X