예제 #1
 /// <summary>
 /// Startup gate recovered from the sample: asks the (renamed) AntiVM check whether the
 /// process is running under virtualization and, if so, announces it and kills the process.
 /// </summary>
 /// <remarks>
 /// AntiVM.CspParameters and AntiVM.CrossAppDomainSerializer are obfuscator-assigned names that
 /// shadow framework type names; neither body is shown here. The string passed to the second one
 /// is a cmd.exe command line, so it presumably launches a shell (confirm against the helper).
 /// The literal command text is fixed and usable as a static string indicator.
 /// </remarks>
 static void Initialize()
 {
     bool virtualized = AntiVM.CspParameters();
     if (!virtualized)
     {
         // Nothing matched: execution continues normally.
         return;
     }

     // Notify first, then hard-kill the current process (no cleanup or exit code path).
     AntiVM.CrossAppDomainSerializer("START CMD /C \"ECHO VirtualMachine Detected ! && PAUSE\" ");
     Process.GetCurrentProcess().Kill();
 }
예제 #2
        // Token: 0x06000034 RID: 52 RVA: 0x0000341C File Offset: 0x0000161C
        /// <summary>
        /// Startup gate recovered from the sample: when <c>AntiVM.e()</c> reports a virtualized
        /// or emulated environment, shows a message box and kills the current process.
        /// </summary>
        /// <remarks>
        /// MessageBox is declared elsewhere in the class (presumably a user32 P/Invoke — confirm).
        /// The caption and body strings are fixed literals, which makes them stable static
        /// indicators for identifying binaries carrying this check.
        /// </remarks>
        private static void Init()
        {
            bool virtualized = AntiVM.e();
            if (!virtualized)
            {
                // No artifact matched: leave the process running.
                return;
            }

            // Owner handle is null and the style flags are 0.
            MessageBox(IntPtr.Zero, "VirtualMachine detected. Exiting...", "Rzy Protector | Private version | by RZY#2000", 0);
            Process.GetCurrentProcess().Kill();
        }
예제 #3
        // Token: 0x06000036 RID: 54 RVA: 0x00003464 File Offset: 0x00001664
        /// <summary>
        /// Environment check recovered from the sample: returns true as soon as one probe matches
        /// a VirtualBox, VMware, Wine or QEMU artifact or one of the listed video-controller
        /// descriptions; returns false when no probe matches.
        /// </summary>
        /// <remarks>
        /// The helpers E, C, c and b are obfuscated and their bodies are not shown here. Judging
        /// only from the call sites: E(path, name) yields a string and looks like a registry value
        /// read (hive not visible; the paths resemble HKLM subkeys — confirm), with
        /// "noValueButYesKey" presumably a sentinel for "key exists, value missing"; C(path) yields
        /// a uint compared against 0xFFFFFFFF, which matches the INVALID_FILE_ATTRIBUTES convention
        /// (confirm); c(b(module), name) looks like an export lookup on a module handle (confirm).
        /// Every probe is a fixed literal, so the paths and marker strings below double as static
        /// signatures for this check, and a burst of reads against them is a behavioural indicator.
        /// </remarks>
        /// <returns>true if any probe matches; otherwise false.</returns>
        internal static bool e()
        {
            // --- VirtualBox: disk identifier, BIOS strings, Guest Additions key, guest mouse driver ---
            if (AntiVM.E("HARDWARE\\DEVICEMAP\\Scsi\\Scsi Port 0\\Scsi Bus 0\\Target Id 0\\Logical Unit Id 0", "Identifier").ToUpper().Contains("VBOX"))
            {
                return(true);
            }
            if (AntiVM.E("HARDWARE\\Description\\System", "SystemBiosVersion").ToUpper().Contains("VBOX"))
            {
                return(true);
            }
            if (AntiVM.E("HARDWARE\\Description\\System", "VideoBiosVersion").ToUpper().Contains("VIRTUALBOX"))
            {
                return(true);
            }
            // Empty value name plus the sentinel comparison: this tests for the key itself.
            if (AntiVM.E("SOFTWARE\\Oracle\\VirtualBox Guest Additions", "") == "noValueButYesKey")
            {
                return(true);
            }
            // 4294967295u is 0xFFFFFFFF; any other result is treated as "file present".
            if (AntiVM.C("C:\\WINDOWS\\system32\\drivers\\VBoxMouse.sys") != 4294967295u)
            {
                return(true);
            }
            // --- VMware: disk identifiers on Scsi Port 0-2, Tools key, display class entries, guest drivers ---
            if (AntiVM.E("HARDWARE\\DEVICEMAP\\Scsi\\Scsi Port 0\\Scsi Bus 0\\Target Id 0\\Logical Unit Id 0", "Identifier").ToUpper().Contains("VMWARE"))
            {
                return(true);
            }
            if (AntiVM.E("SOFTWARE\\VMware, Inc.\\VMware Tools", "") == "noValueButYesKey")
            {
                return(true);
            }
            if (AntiVM.E("HARDWARE\\DEVICEMAP\\Scsi\\Scsi Port 1\\Scsi Bus 0\\Target Id 0\\Logical Unit Id 0", "Identifier").ToUpper().Contains("VMWARE"))
            {
                return(true);
            }
            if (AntiVM.E("HARDWARE\\DEVICEMAP\\Scsi\\Scsi Port 2\\Scsi Bus 0\\Target Id 0\\Logical Unit Id 0", "Identifier").ToUpper().Contains("VMWARE"))
            {
                return(true);
            }
            if (AntiVM.E("SYSTEM\\ControlSet001\\Services\\Disk\\Enum", "0").ToUpper().Contains("vmware".ToUpper()))
            {
                return(true);
            }
            // {4D36E968-E325-11CE-BFC1-08002BE10318} is the display-adapter device setup class.
            if (AntiVM.E("SYSTEM\\ControlSet001\\Control\\Class\\{4D36E968-E325-11CE-BFC1-08002BE10318}\\0000", "DriverDesc").ToUpper().Contains("VMWARE"))
            {
                return(true);
            }
            if (AntiVM.E("SYSTEM\\ControlSet001\\Control\\Class\\{4D36E968-E325-11CE-BFC1-08002BE10318}\\0000\\Settings", "Device Description").ToUpper().Contains("VMWARE"))
            {
                return(true);
            }
            if (AntiVM.E("SOFTWARE\\VMware, Inc.\\VMware Tools", "InstallPath").ToUpper().Contains("C:\\PROGRAM FILES\\VMWARE\\VMWARE TOOLS\\"))
            {
                return(true);
            }
            if (AntiVM.C("C:\\WINDOWS\\system32\\drivers\\vmmouse.sys") != 4294967295u)
            {
                return(true);
            }
            if (AntiVM.C("C:\\WINDOWS\\system32\\drivers\\vmhgfs.sys") != 4294967295u)
            {
                return(true);
            }
            // --- Wine: wine_get_unix_file_name is an export Wine adds to its kernel32.dll ---
            if (AntiVM.c(AntiVM.b("kernel32.dll"), "wine_get_unix_file_name") != (IntPtr)0)
            {
                return(true);
            }
            // --- QEMU: disk identifier and system BIOS string ---
            if (AntiVM.E("HARDWARE\\DEVICEMAP\\Scsi\\Scsi Port 0\\Scsi Bus 0\\Target Id 0\\Logical Unit Id 0", "Identifier").ToUpper().Contains("QEMU"))
            {
                return(true);
            }
            if (AntiVM.E("HARDWARE\\Description\\System", "SystemBiosVersion").ToUpper().Contains("QEMU"))
            {
                return(true);
            }
            // --- WMI: enumerate Win32_VideoController on the local ROOT\cimv2 namespace ---
            ManagementScope scope = new ManagementScope("\\\\.\\ROOT\\cimv2");
            ObjectQuery     query = new ObjectQuery("SELECT * FROM Win32_VideoController");

            // The searcher and the result collection are never disposed in this listing.
            foreach (ManagementBaseObject managementBaseObject in new ManagementObjectSearcher(scope, query).Get())
            {
                ManagementObject managementObject = (ManagementObject)managementBaseObject;
                // NOTE(review): Description is dereferenced without a null check, so a controller
                // without that property would presumably throw here rather than return — confirm.
                if (managementObject["Description"].ToString() == "VM Additions S3 Trio32/64")
                {
                    return(true);
                }
                if (managementObject["Description"].ToString() == "S3 Trio32/64")
                {
                    return(true);
                }
                if (managementObject["Description"].ToString() == "VirtualBox Graphics Adapter")
                {
                    return(true);
                }
                if (managementObject["Description"].ToString() == "VMware SVGA II")
                {
                    return(true);
                }
                if (managementObject["Description"].ToString().ToUpper().Contains("VMWARE"))
                {
                    return(true);
                }
                // An empty description also counts as a match, so this branch can fire on hosts
                // that are not virtualized; treat a positive result from this method accordingly.
                if (managementObject["Description"].ToString() == "")
                {
                    return(true);
                }
            }
            return(false);
        }