（转）检测Kaspersky沙盒之DeleteFile大法 - 走看看

zoukankan html css js c++ java

（转）检测Kaspersky沙盒之DeleteFile大法

#include <windows.h>
#include <stdio.h>
#include <tlhelp32.h>

//
//Define
//
int DetectSandBox(void);

//
//Routine
//
int DetectSandBox(void)
{
   //
   //Routine Description:
   //
   //This routine detect if is run in real OS or SandBox.

   //
   //Arguments:
   //
   //None

   //
   //Return Value:
   //
   // -1 for error
   // 0 for run in real OS
   // 1 for run in SandBox

   //
   //Detect
   //
   char strCurrentFile[MAX_PATH] = {0};
   GetModuleFileName(NULL,strCurrentFile,MAX_PATH);

   BOOL bRet = FALSE;
   bRet = DeleteFile(strCurrentFile);

   if( bRet == TRUE )
   {
      return 1;
   }
   else
   {
      return 0;
   }

   return -1;
}

//
//Entry
//
int main(void)
{
   int iRet = DetectSandBox();
   if( iRet == 1 )
   {
      MessageBox(NULL,"RUN IN SANDBOX! DAMN IT!","NOTICE",MB_ICONSTOP);
   }
   else
   if( iRet == 0 )
   {
      MessageBox(NULL,"RUN IN REAL OS!","NOTICE",MB_ICONINFORMATION);
   }
   else
   {
      MessageBox(NULL,"UNKNOWN ERROR! DAMN IT!","NOTICE",MB_ICONSTOP);
   }

   return 0;
}

这仅是其中一个

查看全文

相关阅读:
[leetcode]66Plus One
[leetcode]64Minimum Path Sum 动态规划
 [leetcode]62.UniquePaths
[leetcode]54. Spiral Matrix2生成螺旋数组
 Keywords Search HDU
Division HDU
Naming Babies UVA
Pearls POJ
K-Anonymous Sequence POJ
Post Office POJ

原文地址：https://www.cnblogs.com/chengxin1982/p/1663107.html

Copyright © 2011-2022 走看看