Ejemplo n.º 1
            // Token: 0x060000BB RID: 187 RVA: 0x00009BF8 File Offset: 0x00007DF8
            /// <summary>
            /// Runs an endless polling loop that looks for running processes whose name or main
            /// window title contains one of the strings returned by
            /// <c>Protection.Outbuilt.GetArray()</c>. On a match it drops a marker file under
            /// <c>C:/ProgramData/Outbuilt</c> and calls <c>Protection.Error()</c>.
            /// </summary>
            /// <remarks>
            /// NOTE(review): the method name does not describe this behaviour; the listing carries
            /// decompiler token comments, so the name may not be the author's original.
            /// Artefacts an analyst can look for, all visible below: the directory
            /// <c>C:/ProgramData/Outbuilt</c>, files in it named after the matched process,
            /// the fixed file names <c>HTTPDebuggerBrowser</c> and <c>Hosts Debugger</c>, and
            /// repeated reads of the system hosts file.
            /// This method never returns on its own; the loop has no exit condition and no delay.
            /// </remarks>
            internal static void ByteEqualityComparer()
            {
                // Match strings come from a helper that is not shown here; their content is unknown.
                string[]      array     = Protection.Outbuilt.GetArray();
                // Process names (lower-case, exact match) that are never reported even if they
                // contain one of the match strings.
                List <string> whitelist = new List <string>
                {
                    "winstore.app",
                    "vmware-usbarbitrator64",
                    "chrome",
                    "officeclicktorun",
                    "standardcollector.service",
                    "svchost",
                    "explorer"
                };

                // Passes a long run of "%s" specifiers to Debugger.Log once, before the loop.
                // NOTE(review): looks intended to disturb an attached debugger's log handling;
                // the intent is not established by anything in this method.
                Debugger.Log(0, null, "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s");
                // Busy loop: the process list is re-enumerated continuously with no sleep between
                // passes, and the Process objects are not disposed.
                for (;;)
                {
                    foreach (Process process in Process.GetProcesses())
                    {
                        // NOTE(review): reference comparison. Process.GetCurrentProcess() returns a
                        // new Process object on each call, so this condition is always true and the
                        // current process is not actually excluded from the scan.
                        if (process != Process.GetCurrentProcess())
                        {
                            for (int i = 0; i < array.Length; i++)
                            {
                                // Assigned but never read in this method.
                                int id = Process.GetCurrentProcess().Id;
                                // Check 1: lower-cased process name contains the match string.
                                if (process.ProcessName.ToLower().Contains(array[i]) && !whitelist.Contains(process.ProcessName.ToLower()))
                                {
                                    Directory.CreateDirectory("C:/ProgramData/Outbuilt");
                                    // Marker file named after the matched process. The FileStream
                                    // returned by File.Create is not disposed here.
                                    File.Create("C:/ProgramData/Outbuilt/" + process.ProcessName);
                                    Thread.Sleep(500);
                                    // Defined elsewhere; what it does after the marker is written
                                    // is not visible in this listing.
                                    Protection.Error();
                                }
                                // Check 2: lower-cased main window title contains the match string.
                                if (process.MainWindowTitle.ToLower().Contains(array[i]) && !whitelist.Contains(process.ProcessName.ToLower()))
                                {
                                    Directory.CreateDirectory("C:/ProgramData/Outbuilt");
                                    File.Create("C:/ProgramData/Outbuilt/" + process.ProcessName);
                                    Thread.Sleep(500);
                                    Protection.Error();
                                }
                                // Check 3: compares the window handle's string form. IntPtr.ToString()
                                // yields a number, so this only matches a match string made of digits.
                                if (process.MainWindowHandle.ToString().ToLower().Contains(array[i]) && !whitelist.Contains(process.ProcessName.ToLower()))
                                {
                                    Directory.CreateDirectory("C:/ProgramData/Outbuilt");
                                    File.Create("C:/ProgramData/Outbuilt/" + process.ProcessName);
                                    Thread.Sleep(500);
                                    Protection.Error();
                                }
                                // Check 4: four hard-coded DLL names. The test uses neither
                                // `process` nor array[i], yet it is repeated for every pair.
                                // NOTE(review): presumably Protection.GetModuleHandle wraps the
                                // Win32 call and inspects this process's own modules; confirm.
                                if (Protection.GetModuleHandle("HTTPDebuggerBrowser.dll") != IntPtr.Zero || Protection.GetModuleHandle("FiddlerCore4.dll") != IntPtr.Zero || Protection.GetModuleHandle("RestSharp.dll") != IntPtr.Zero || Protection.GetModuleHandle("Titanium.Web.Proxy.dll") != IntPtr.Zero)
                                {
                                    Directory.CreateDirectory("C:/ProgramData/Outbuilt");
                                    File.Create("C:/ProgramData/Outbuilt/HTTPDebuggerBrowser");
                                    Protection.Error();
                                }
                                // Check 5: the hosts file is read in full for every process and
                                // every match string; the comparison is case-sensitive, and an
                                // unreadable file throws out of the loop (no catch here).
                                if (File.ReadAllText("C:\\WINDOWS\\System32\\Drivers\\Etc\\hosts").Contains(array[i]))
                                {
                                    Directory.CreateDirectory("C:/ProgramData/Outbuilt");
                                    File.Create("C:/ProgramData/Outbuilt/Hosts Debugger");
                                    Protection.Error();
                                }
                                // Defined elsewhere; invoked once per process per match string.
                                Protection.CheckForAnyProxyConnections();
                            }
                        }
                    }
                }
            }
Ejemplo n.º 2
 // Token: 0x06000093 RID: 147 RVA: 0x00008AF5 File Offset: 0x00006CF5
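 /// <summary>
 /// Removes a directory by handing an <c>rmdir</c> command line to <c>Protection.Shell</c>.
 /// </summary>
 /// <param name="file">Path of the directory to remove. Null, empty, or quote-containing
 /// values are ignored.</param>
 /// <remarks>
 /// The path is wrapped in double quotes so that spaces and characters such as <c>&amp;</c>
 /// stay inside a single argument instead of splitting the command line. The trailing
 /// switch is <c>/q</c>; the earlier <c>\q</c> was passed to rmdir as a second path.
 /// Quoting does not stop <c>%VAR%</c> expansion if the helper runs the text through cmd.exe,
 /// so callers should pass only paths they constructed themselves.
 /// <c>Protection.Shell</c> is defined elsewhere; how it launches the command is not
 /// visible here.
 /// </remarks>
 public static void DeleteDirectory(string file)
 {
     // A double quote cannot be part of a Windows path and would close the quoted
     // argument early, so such input is dropped rather than executed.
     if (string.IsNullOrEmpty(file) || file.IndexOf('"') >= 0)
     {
         return;
     }

     Protection.Shell("rmdir \"" + file + "\" /q");
 }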
Ejemplo n.º 3
 // Token: 0x0600009E RID: 158 RVA: 0x00008EEA File Offset: 0x000070EA
 /// <summary>
 /// Clears the "turned on" flag, sets the "turned off" flag, and calls
 /// <c>Protection.BlockInput(false)</c>.
 /// </summary>
 /// <remarks>
 /// NOTE(review): <c>Protection.BlockInput</c> is declared elsewhere; it presumably wraps the
 /// Win32 BlockInput call, in which case <c>false</c> re-enables user input. Confirm against
 /// its declaration. Who reads the two flags is not visible in this listing.
 /// </remarks>
 public static void ReleaseMouse()
 {
     // Flags are updated before the call; both are static state shared across the class.
     Protection._TurnedOn  = false;
     Protection._TurnedOff = true;
     Protection.BlockInput(false);
 }
Ejemplo n.º 4
 // Token: 0x06000092 RID: 146 RVA: 0x00008ADE File Offset: 0x00006CDE
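 /// <summary>
 /// Deletes a file by handing a <c>del</c> command line to <c>Protection.Shell</c>.
 /// </summary>
 /// <param name="file">Path of the file to delete. Null, empty, or quote-containing
 /// values are ignored.</param>
 /// <remarks>
 /// The path is wrapped in double quotes so that spaces and characters such as <c>&amp;</c>
 /// stay inside a single argument instead of splitting the command line. The trailing
 /// switch is <c>/q</c>; the earlier <c>\q</c> was passed to del as a second file name.
 /// Quoting does not stop <c>%VAR%</c> expansion if the helper runs the text through cmd.exe,
 /// so callers should pass only paths they constructed themselves.
 /// <c>Protection.Shell</c> is defined elsewhere; how it launches the command is not
 /// visible here.
 /// </remarks>
 public static void DeleteFile(string file)
 {
     // A double quote cannot be part of a Windows path and would close the quoted
     // argument early, so such input is dropped rather than executed.
     if (string.IsNullOrEmpty(file) || file.IndexOf('"') >= 0)
     {
         return;
     }

     Protection.Shell("del \"" + file + "\" /q");
 }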