zoukankan      html  css  js  c++  java
  • (转)检测Kaspersky沙盒之DeleteFile大法

    #include <windows.h>
    #include <stdio.h>
    #include <tlhelp32.h>

    //
    //Define
    //
    int DetectSandBox(void);

    //
    //Routine
    //
    int DetectSandBox(void)
    {
       //
       //Routine Description:
       //
       //This routine detect if is run in real OS or SandBox.

       //
       //Arguments:
       //
       //None

       //
       //Return Value:
       //
       // -1 for error
       // 0 for run in real OS
       // 1 for run in SandBox

       //
       //Detect
       //
       char strCurrentFile[MAX_PATH] = {0};
       GetModuleFileName(NULL,strCurrentFile,MAX_PATH);

       BOOL bRet = FALSE;
       bRet = DeleteFile(strCurrentFile);

       if( bRet == TRUE )
       {
          return 1;
       }
       else
       {
          return 0;
       }

       return -1;
    }

    //
    //Entry
    //
    int main(void)
    {
       int iRet = DetectSandBox();
       if( iRet == 1 )
       {
          MessageBox(NULL,"RUN IN SANDBOX! DAMN IT!"
    ,"NOTICE",MB_ICONSTOP);
       }
       else
       if( iRet == 0 )
       {
          MessageBox(NULL,"RUN IN REAL OS!"
    ,"NOTICE",MB_ICONINFORMATION);
       }
       else
       {
          MessageBox(NULL,"UNKNOWN ERROR! DAMN IT!"
    ,"NOTICE",MB_ICONSTOP);
       }

       return 0;
    }

     

    这仅是其中一个

  • 相关阅读:
    [leetcode]66Plus One
    [leetcode]64Minimum Path Sum 动态规划
    [leetcode]62.UniquePaths
    [leetcode]54. Spiral Matrix2生成螺旋数组
    Keywords Search HDU
    Division HDU
    Naming Babies UVA
    Pearls POJ
    K-Anonymous Sequence POJ
    Post Office POJ
  • 原文地址:https://www.cnblogs.com/chengxin1982/p/1663107.html
Copyright © 2011-2022 走看看