Тема: Antivirus Detector v0.1 [Beta] (Delphi Module)
Показать сообщение отдельно

Antivirus Detector v0.2 [Beta] (Delphi Module)
  #5  
Старый 24.02.2010, 14:41
Fliplab
Участник форума
Регистрация: 29.07.2008
Сообщений: 128
Провел на форуме:
225836

Репутация: 34
По умолчанию Antivirus Detector v0.2 [Beta] (Delphi Module)
Код:
function IsRing0(const Device: String): Boolean;
var
  hFile: THandle;
begin
  Result := False;
  hFile := CreateFileA(PChar(Device), GENERIC_READ or GENERIC_WRITE, 0, nil, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0);
  if (hFile <> INVALID_HANDLE_VALUE) then
    begin
      CloseHandle(hFile);
      Result := True;
    end;
end;

function DriveExist(const DrivePath: String): Boolean;
var
  GetSystemDirectory: function(lpBuffer: PChar; uSize: LongWord): LongWord; cdecl;
  GetFileAttributes: function(lpFileName: PChar): LongWord; cdecl;
  GSys: array[0..MAX_PATH] of Char;
  SysPath: String;
  Code: Integer;
begin
  @GetSystemDirectory := ImportKernelFunc('GetSystemDirectoryA');
  @GetFileAttributes := ImportKernelFunc('GetFileAttributesA');
  GetSystemDirectory(GSys, MAX_PATH);
  SysPath := String(GSys);
  if Length(SysPath) > 0 then
    if SysPath[Length(SysPath)] <> '\' then
      SysPath := SysPath + '\';
  SysPath := SysPath + DrivePath;
  Code := GetFileAttributes(PChar(SysPath));
  Result := (Code <> -1) and (FILE_ATTRIBUTE_DIRECTORY and Code = 0);
end;

// ESET SysInspector
function IsEsetSysInsp: Boolean;
begin
  if IsRing0('\\.\ESIASDRV') then
    Result := True
  else
    Result := False;
end;

// ESET Nod32 Antivirus
function IsEsetAntivir: Boolean;
begin
  if (DriveExist('drivers\ehdrv.sys')) or (DriveExist('drivers\eamon.sys')) or (IsUninstall('ESET')) then
    Result := True
  else
    Result := False;
end;

// ESET Personal Firewall
function IsEsetFire: Boolean;
begin
  if (IsRing0('\\.\EPFWNDIS')) or (IsRing0('\\.\EPFW')) or (DriveExist('drivers\epfwtdi.sys')) then
    Result := True
  else
    Result := False;
end;

// Trend Micro Internet Security
function IsTrendMicro: Boolean;
begin
  if IsRing0('\\.\TMACTMON') then
    Result := True
  else
    Result := False;
end;

// Kaspersky Internet Security 2008 & WorkStation
function IsKIS2008: Boolean;
begin
  if IsRing0('\\.\KLIM5') then
    Result := True
  else
    Result := False;
end;

// Agnitum Outpost Firewall
function IsOutpostFire: Boolean;
begin
  if (DriveExist('drivers\afwcore.sys')) or (DriveExist('drivers\afw.sys')) or (IsUninstall('Outpost')) then
    Result := True
  else
    Result := False;
end;

// Agnitum Anti-Spyware
function IsOutpostAntiSpy: Boolean;
begin
  if DriveExist('filt\aswfilt.dll') then
    Result := True
  else
    Result := False;
end;

// Agnitum Host Protection
function IsOutpostHostProt: Boolean;
begin
  if DriveExist('drivers\sandbox.sys') then
    Result := True
  else
    Result := False;
end;

// Malwarebytes' Anti-Malware
function IsAntiMalware: Boolean;
begin
  if (DriveExist('drivers\mbam.sys')) or (DriveExist('drivers\mbamswissarmy.sys')) then
    Result := True
  else
    Result := False;
end;

// Zillya! Антивирус
function IsZillya: Boolean;
begin
  if DriveExist( 'drivers\ZFMSYS.sys') then
    Result := True
  else
    Result := False;
end;

// Advanced SystemCare
function IsAdvancedSysCare: Boolean;
begin
  if IsUninstall('Advanced SystemCare') then
    Result := True
  else
    Result := False;
end;

// Антивирус Stop!
function IsAvirStop: Boolean;
begin
  if IsUninstall('Антивирус Stop!') then
    Result := True
  else
    Result := False;
end;

// USBGuard
function IsUSBGuard: Boolean;
begin
  if IsUninstall('USBGuard') then
    Result := True
  else
    Result := False;
end;

// AnVir Task Manager
function IsAnvitTaskMgr: Boolean;
begin
  if IsUninstall('AnVir Task Manager') then
    Result := True
  else
    Result := False;
end;

// Lavasoft Ad-Aware
function IsAdAware: Boolean;
begin
  if (IsUninstall('Ad-Aware')) or (DriveExist('drivers\lbd.sys')) or (IsRing0('\\.\LBD')) then
    Result := True
  else
    Result := False;
end;

// Microsoft Security Essentials
function IsMSecEssentials: Boolean;
begin
  if (DriveExist('drivers\mpfilter.sys')) or (IsUninstall('Microsoft Security Essentials')) then
    Result := True
  else
    Result := False;
end;

// McAfee
function IsMcAfee: Boolean;
begin
  if IsUninstall('McAfee') then
    Result := True
  else
    Result := False;
end;

// McAfee Personal Firewall
function IsMcAfeeeFire: Boolean;
begin
  if (IsRing0('\\.\MPFP')) or (DriveExist('drivers\mpfp.sys')) then
    Result := True
  else
    Result := False;
end;

// SpyHunter
function IsSpyHunter: Boolean;
begin
  if IsUninstall('SpyHunter') then
    Result := True
  else
    Result := False;
end;

end.
http://slil.ru/28697354 - Скачать Antivirus Detector v0.2 [Beta] (Delphi Module)
 
Ответить с цитированием