ANTICHAT — форум по информационной безопасности, OSINT и технологиям
ANTICHAT — русскоязычное сообщество по безопасности, OSINT и программированию.
Форум ранее работал на доменах antichat.ru, antichat.com и antichat.club,
и теперь снова доступен на новом адресе —
forum.antichat.xyz.
Форум восстановлен и продолжает развитие: доступны архивные темы, добавляются новые обсуждения и материалы.
⚠️ Старые аккаунты восстановить невозможно — необходимо зарегистрироваться заново.
21.02.2010, 19:59
|
|
Участник форума
Регистрация: 29.07.2008
Сообщений: 128
Провел на форуме:
225836
Репутация:
34
|
|
Вообщем какаято хрень.не могу редактировать свой пост и отвечать на сообщения,точнее могу,но они отображаются пустыми
|
|
|
21.02.2010, 20:11
|
|
Познавший АНТИЧАТ
Регистрация: 24.06.2008
Сообщений: 1,996
Провел на форуме:
6075534
Репутация:
2731
|
|
Сообщение от Fliplab
Вообщем какаято хрень.не могу редактировать свой пост и отвечать на сообщения,точнее могу,но они отображаются пустыми
Слишком много текста. Раздели на два поста.
|
|
|
|
24.02.2010, 02:55
|
|
Участник форума
Регистрация: 29.07.2008
Сообщений: 128
Провел на форуме:
225836
Репутация:
34
|
|
Ок,попробую.
|
|
|
|
Antivirus Detector v0.2 [Beta] (Delphi Module) |
24.02.2010, 14:36
|
|
Участник форума
Регистрация: 29.07.2008
Сообщений: 128
Провел на форуме:
225836
Репутация:
34
|
|
Antivirus Detector v0.2 [Beta] (Delphi Module)
Код:
unit antivir_detect;
{
Antivirus Detector v0.2 [Beta]
Author: FlipLab Software© 2006-2009
E-mail: fliplab@gmail.com, fliplab@ya.ru
URL: http://www.fls.com/
About: Вспомогательный модуль для обнаружения установленных
антивирусных программ, а также фаерволов. В текщей версии
поддерживаются:
+ ESET SysInspector
+ ESET Nod32 Antivirus
+ ESET Personal Firewall
+ Trend Micro Internet Security
+ Kaspersky Internet Security 2008 & WorkStation
+ Agnitum Outpost Firewall
+ Agnitum Anti-Spyware
+ Agnitum Host Protection
+ Malwarebytes' Anti-Malware
+ Zillya! Антивирус
+ Advanced SystemCare
+ Антивирус Stop!
+ USBGuard
+ AnVir Task Manager
+ Lavasoft Ad-Aware
+ Microsoft Security Essentials
+ McAfee
+ McAfee Personal Firewall
+ SpyHunter
}
interface
uses
Windows;
function IsEsetAntivir: Boolean;
function IsEsetSysInsp: Boolean;
function IsEsetFire: Boolean;
function IsTrendMicro: Boolean;
function IsKIS2008: Boolean;
function IsOutpostFire: Boolean;
function IsOutpostAntiSpy: Boolean;
function IsOutpostHostProt: Boolean;
function IsAntiMalware: Boolean;
function IsZillya: Boolean;
function IsAdvancedSysCare: Boolean;
function IsAvirStop: Boolean;
function IsUSBGuard: Boolean;
function IsAnvitTaskMgr: Boolean;
function IsAdAware: Boolean;
function IsMSecEssentials: Boolean;
function IsMcAfee: Boolean;
function IsMcAfeeeFire: Boolean;
function IsSpyHunter: Boolean;
implementation
function ImportKernelFunc(const Name: String): Pointer;
var
KernelModule: THandle;
begin
KernelModule := GetModuleHandle('kernel32.dll');
Result := GetProcAddress(KernelModule, PChar(Name));
end;
function UpperCase(const S: string): string;
asm
push ebx
push esi
push edi
mov esi, eax // s
mov eax, edx
test esi, esi
jz @Nil
mov edx, [esi-4] // Length(s)
mov edi, eax // @Result
test edx, edx
jle @Nil
mov ecx, [eax]
mov ebx, edx
test ecx, ecx
jz @Realloc // Jump if Result not allocated
test edx, 3
jnz @Length3
xor edx, [ecx-4]
cmp edx, 3
jbe @TestRef
jmp @Realloc
@Length3:
or edx, 2
xor edx, [ecx-4]
cmp edx, 1
ja @Realloc
@TestRef:
cmp [ecx-8], 1
je @LengthOK // Jump if Result RefCt=1
@Realloc:
mov edx, ebx
or edx, 3
call System.@LStrSetLength
@LengthOK:
mov edi, [edi] // Result
mov [edi-4], ebx // Correct Result length
mov byte ptr [ebx+edi], 0
add ebx, -1
and ebx, -4
mov eax, [ebx+esi]
@Loop: mov ecx, eax
or eax, $80808080 // $E1..$FA
mov edx, eax
sub eax, $7B7B7B7B // $66..$7F
xor edx, ecx // $80
or eax, $80808080 // $E6..$FF
sub eax, $66666666 // $80..$99
and eax, edx // $80
shr eax, 2 // $20
xor eax, ecx // Upper
mov [ebx+edi], eax
mov eax, [ebx+esi-4]
sub ebx, 4
jge @Loop
pop edi
pop esi
pop ebx
ret
@Nil: pop edi
pop esi
pop ebx
jmp System.@LStrClr // Result:=''
end;
function IsUninstall(const ProgramName: String): Boolean;
var
Str, MBuf, DisplayName: String;
function RegEnum(RootKey: HKEY; Name: String; var ResultList: String; const DoKeys: Boolean): Boolean;
var
I, iRes: Integer;
S: String;
hTemp: HKEY;
Buf: Pointer;
BufSize: Cardinal;
begin
Result := False;
ResultList := '';
if RegOpenKeyEx(RootKey, PChar(Name), 0, KEY_READ, hTemp) = ERROR_SUCCESS then
begin
Result := True;
BufSize := 1024;
GetMem(buf, BufSize);
I := 0;
iRes := ERROR_SUCCESS;
while iRes = ERROR_SUCCESS do
begin
BufSize := 1024;
if DoKeys then
iRes := RegEnumKeyEx(hTemp, I, buf, BufSize, nil, nil, nil, nil)
else
iRes := RegEnumValue(hTemp, I, buf, BufSize, nil, nil, nil, nil);
if iRes = ERROR_SUCCESS then
begin
SetLength(S, BufSize);
Move(buf^, S[1], BufSize);
ResultList := Concat(S, #13#10, ResultList);
Inc(i);
end;
end;
FreeMem(Buf);
RegCloseKey(hTemp);
end;
end;
function RegEnumKeys(RootKey: HKEY; Name: String; var KeyList: String): Boolean;
begin
Result := RegEnum(RootKey, Name, KeyList, True);
end;
function LastPos(Needle: Char; Haystack: String): Integer;
begin
for Result := Length(Haystack) downto 1 do
if Haystack[Result] = Needle then
Break;
end;
function RegValueExists(RootKey: HKEY; Name: String): Boolean;
var
SubKey: String;
n: Integer;
hTemp: HKEY;
begin
Result := False;
n := LastPos('\', Name);
if n > 0 then
begin
SubKey := Copy(Name, 1, n - 1);
if RegOpenKeyEx(RootKey, PChar(SubKey), 0, KEY_READ, hTemp) = ERROR_SUCCESS then
begin
SubKey := Copy(Name, n + 1, Length(Name) - n);
Result := (RegQueryValueEx(hTemp, PChar(SubKey), nil, nil, nil, nil) = ERROR_SUCCESS);
RegCloseKey(hTemp);
end;
end;
end;
function RegGetValue(RootKey: HKEY; Name: String; ValType: Cardinal; var PVal: Pointer; var ValSize: Cardinal): Boolean;
var
SubKey: String;
n: Integer;
MyValType: DWORD;
hTemp: HKEY;
Buf: Pointer;
BufSize: Cardinal;
PKey: PChar;
begin
Result := False;
n := LastPos('\', Name);
if n > 0 then
begin
SubKey := Copy(Name, 1, n - 1);
if RegOpenKeyEx(RootKey, PChar(SubKey), 0, KEY_READ, hTemp) = ERROR_SUCCESS then
begin
SubKey := Copy(Name, n + 1, Length(Name) - n);
if SubKey = '' then
PKey := nil
else
PKey := PChar(SubKey);
if RegQueryValueEx(hTemp, PKey, nil, @MyValType, nil, @BufSize) = ERROR_SUCCESS then
begin
GetMem(Buf, BufSize);
if RegQueryValueEx(hTemp, PKey, nil, @MyValType, Buf, @BufSize) = ERROR_SUCCESS then
begin
if ValType = MyValType then
begin
PVal := Buf;
ValSize := BufSize;
Result := True;
end
else
FreeMem(Buf)
end
else
FreeMem(Buf);
end;
RegCloseKey(hTemp);
end;
end;
end;
function RegGetString(RootKey: HKEY; Name: String; Var Value: String): Boolean;
var
Buf: Pointer;
BufSize: Cardinal;
begin
Result := False;
Value := '';
if RegGetValue(RootKey, Name, REG_SZ, Buf, BufSize) then
begin
Dec(BufSize);
SetLength(Value, BufSize);
if BufSize > 0 then
Move(Buf^, Value[1], BufSize);
FreeMem(Buf);
Result := True;
end;
end;
begin
Result := False;
if RegEnumKeys(HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall', Str) then
while Length(Str) > 0 do
begin
MBuf := Copy(Str, 1, Pos(#13#10, Str) - 1);
Delete(Str, 1, Pos(#13#10, Str) + 1);
if RegValueExists(HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\' + MBuf + '\DisplayName') then
begin
RegGetString(HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\' + MBuf + '\DisplayName', DisplayName);
DisplayName := UpperCase(DisplayName);
if Pos(UpperCase(ProgramName), DisplayName) > 0 then
begin
Result := True;
Exit;
end;
end;
end;
end;
|
|
|
|
Antivirus Detector v0.2 [Beta] (Delphi Module) |
24.02.2010, 14:41
|
|
Участник форума
Регистрация: 29.07.2008
Сообщений: 128
Провел на форуме:
225836
Репутация:
34
|
|
Antivirus Detector v0.2 [Beta] (Delphi Module)
Код:
function IsRing0(const Device: String): Boolean;
var
hFile: THandle;
begin
Result := False;
hFile := CreateFileA(PChar(Device), GENERIC_READ or GENERIC_WRITE, 0, nil, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0);
if (hFile <> INVALID_HANDLE_VALUE) then
begin
CloseHandle(hFile);
Result := True;
end;
end;
function DriveExist(const DrivePath: String): Boolean;
var
GetSystemDirectory: function(lpBuffer: PChar; uSize: LongWord): LongWord; cdecl;
GetFileAttributes: function(lpFileName: PChar): LongWord; cdecl;
GSys: array[0..MAX_PATH] of Char;
SysPath: String;
Code: Integer;
begin
@GetSystemDirectory := ImportKernelFunc('GetSystemDirectoryA');
@GetFileAttributes := ImportKernelFunc('GetFileAttributesA');
GetSystemDirectory(GSys, MAX_PATH);
SysPath := String(GSys);
if Length(SysPath) > 0 then
if SysPath[Length(SysPath)] <> '\' then
SysPath := SysPath + '\';
SysPath := SysPath + DrivePath;
Code := GetFileAttributes(PChar(SysPath));
Result := (Code <> -1) and (FILE_ATTRIBUTE_DIRECTORY and Code = 0);
end;
// ESET SysInspector
function IsEsetSysInsp: Boolean;
begin
if IsRing0('\\.\ESIASDRV') then
Result := True
else
Result := False;
end;
// ESET Nod32 Antivirus
function IsEsetAntivir: Boolean;
begin
if (DriveExist('drivers\ehdrv.sys')) or (DriveExist('drivers\eamon.sys')) or (IsUninstall('ESET')) then
Result := True
else
Result := False;
end;
// ESET Personal Firewall
function IsEsetFire: Boolean;
begin
if (IsRing0('\\.\EPFWNDIS')) or (IsRing0('\\.\EPFW')) or (DriveExist('drivers\epfwtdi.sys')) then
Result := True
else
Result := False;
end;
// Trend Micro Internet Security
function IsTrendMicro: Boolean;
begin
if IsRing0('\\.\TMACTMON') then
Result := True
else
Result := False;
end;
// Kaspersky Internet Security 2008 & WorkStation
function IsKIS2008: Boolean;
begin
if IsRing0('\\.\KLIM5') then
Result := True
else
Result := False;
end;
// Agnitum Outpost Firewall
function IsOutpostFire: Boolean;
begin
if (DriveExist('drivers\afwcore.sys')) or (DriveExist('drivers\afw.sys')) or (IsUninstall('Outpost')) then
Result := True
else
Result := False;
end;
// Agnitum Anti-Spyware
function IsOutpostAntiSpy: Boolean;
begin
if DriveExist('filt\aswfilt.dll') then
Result := True
else
Result := False;
end;
// Agnitum Host Protection
function IsOutpostHostProt: Boolean;
begin
if DriveExist('drivers\sandbox.sys') then
Result := True
else
Result := False;
end;
// Malwarebytes' Anti-Malware
function IsAntiMalware: Boolean;
begin
if (DriveExist('drivers\mbam.sys')) or (DriveExist('drivers\mbamswissarmy.sys')) then
Result := True
else
Result := False;
end;
// Zillya! Антивирус
function IsZillya: Boolean;
begin
if DriveExist( 'drivers\ZFMSYS.sys') then
Result := True
else
Result := False;
end;
// Advanced SystemCare
function IsAdvancedSysCare: Boolean;
begin
if IsUninstall('Advanced SystemCare') then
Result := True
else
Result := False;
end;
// Антивирус Stop!
function IsAvirStop: Boolean;
begin
if IsUninstall('Антивирус Stop!') then
Result := True
else
Result := False;
end;
// USBGuard
function IsUSBGuard: Boolean;
begin
if IsUninstall('USBGuard') then
Result := True
else
Result := False;
end;
// AnVir Task Manager
function IsAnvitTaskMgr: Boolean;
begin
if IsUninstall('AnVir Task Manager') then
Result := True
else
Result := False;
end;
// Lavasoft Ad-Aware
function IsAdAware: Boolean;
begin
if (IsUninstall('Ad-Aware')) or (DriveExist('drivers\lbd.sys')) or (IsRing0('\\.\LBD')) then
Result := True
else
Result := False;
end;
// Microsoft Security Essentials
function IsMSecEssentials: Boolean;
begin
if (DriveExist('drivers\mpfilter.sys')) or (IsUninstall('Microsoft Security Essentials')) then
Result := True
else
Result := False;
end;
// McAfee
function IsMcAfee: Boolean;
begin
if IsUninstall('McAfee') then
Result := True
else
Result := False;
end;
// McAfee Personal Firewall
function IsMcAfeeeFire: Boolean;
begin
if (IsRing0('\\.\MPFP')) or (DriveExist('drivers\mpfp.sys')) then
Result := True
else
Result := False;
end;
// SpyHunter
function IsSpyHunter: Boolean;
begin
if IsUninstall('SpyHunter') then
Result := True
else
Result := False;
end;
end.
http://slil.ru/28697354 - Скачать Antivirus Detector v0.2 [Beta] (Delphi Module) |
|
|
|
Antivirus Detector v0.3 [Beta] (Delphi Module) |
24.02.2010, 14:44
|
|
Участник форума
Регистрация: 29.07.2008
Сообщений: 128
Провел на форуме:
225836
Репутация:
34
|
|
Antivirus Detector v0.3 [Beta] (Delphi Module)
Код:
unit AntiVir_Detect_0_3_beta;
{
Antivirus Detector v0.3 [Beta]
Author: FlipLab Software© 2006-2010
E-mail: fliplab@gmail.com, fliplab@ya.ru
URL: http://www.fls.com/
About: Вспомогательный модуль для обнаружения установленных
антивирусных программ, а также фаерволов. В текщей версии
поддерживаются:
+ ESET SysInspector
+ ESET NOD32 Integrity
+ ESET NOD32 On-Access
+ Kaspersky On-Access Scanner
+ Legacy Kaspersky Service
+ DrWeb
+ AVG Anti-Virus
+ Norton (Symantec) AntiVirus
+ Symantec AntiVirus AutoProtect
+ Symantec AntiVirus Content Filtration
+ Avast!
+ McAfee VirusScan
+ Avira AntiVir
+ BitDefender AntiVirus & 2008
+ Spy Sweeper
+ CA Anti-Virus
+ GDATA AntiVirusKit
+ Aston
+ Sophos Antivirus
+ McAffee Framework Self Protection
+ McAffee Enterprise Self Protection
+ McAffee Online Scan Self Protection
+ Antivirus Stop!
+ Zillya! Antivirus
+ Spy Hunter
+ Lavasoft Firewall
+ Quick Heal Firewall
+ PC Firewall
+ Sophos Client Firewall
+ AGAVA Firewall
+ F-Secure Firewall
+ Jetico Firewall
+ ZoneAlarm Firewall
+ CheckPoint Firewall
+ Online Armor Personal Firewall
+ VirusBuster
+ Comodo FireWall
+ Agnitum Outpost Firewall
+ Malwarebytes' Anti-Malware
+ Advanced SystemCare
+ USBGuard
+ AnVir Task Manager
+ Lavasoft Ad-Aware
+ Microsoft Security Essentials
+ Trend Micro Internet Security
}
interface
uses
Windows, WinSvc;
const
// AntiVirus
TREND_MICRO_INET_SEC_ISSUE = 'Trend Micro Internet Security Issue';
MICROSOFT_SEC_ESSENTIALS_ISSUE = 'Microsoft Security Essentials Issue';
LAVASOFT_ADADWARE_ISSUE = 'Lavasoft Ad-Aware Issue';
ANVIR_TASK_MGR_ISSUE = 'AnVir Task Manager Issue';
USBGUARD_ISSUE = 'USBGuard Issue';
SYSTEMCARE_ISSUE = 'Advanced SystemCare Issue';
MALWAREBYTES_ISSUE = 'Malwarebytes'' Anti-Malware Issue';
NOD32_SYSINSPECTOR_ISSUE = 'ESET SysInspector Issue';
NOD32_INTEGRITY_ISSUE = 'ESET NOD32 Integrity Issue';
NOD32_ON_ACCESS_ISSUE = 'ESET NOD32 On-Access Issue';
KLIF_ISSUE = 'Kaspersky On-Access Scanner Issue';
KAVAVP_ISSUE = 'Legacy Kaspersky Service Issue';
DRWEB_ISSUE = 'DrWeb Issue';
AVG_AV_ISSUE = 'AVG Anti-Virus Issue';
SYMANTEC_ISSUE = 'Norton (Symantec) AntiVirus Issue';
SYMANTEC_AUTOPROTECT_ISSUE = 'Symantec AntiVirus AutoProtect Issue';
SYMANTEC_FILTRATION_ISSUE = 'Symantec AntiVirus Content Filtration Issue';
AVAST_ISSUE = 'Avast! Issue';
MCAFEE_ISSUE = 'McAfee VirusScan Issue';
AVIRA_ISSUE = 'Avira AntiVir Issue';
BITDEFENDER_AV_ISSUE = 'BitDefender AntiVirus Issue';
BITDEFENDER_AV_2008_ISSUE = 'BitDefender Antivirus 2008 Issue';
SPYSWEEPER_ISSUE = 'Spy Sweeper Issue';
CA_ISSUE = 'CA Anti-Virus Issue';
GDATA_AVK_ISSUE = 'GDATA AntiVirusKit Issue';
ASTON_ISSUE = 'Aston Issue';
SOPHOS_ISSUE = 'Sophos Antivirus Issue';
MCAFEE_FRAMEWORK_ISSUE = 'McAffee Framework Self Protection Issue';
MCAFEE_ENTERPRISE_ISSUE = 'McAffee Enterprise Self Protection Issue';
MCAFEE_SCAN_ONLINE_ISSUE = 'McAffee Online Scan Self Protection Issue';
STOP_ISSUE = 'Antivirus Stop! Issue';
ZILLYA_ISSUE = 'Zillya! Antivirus Issue';
SPYHUNTER_ISSUE = 'Spy Hunter Issue';
// Firewalls
LAVASOFT_FIREWALL_ISSUE = 'Lavasoft Firewall Issue';
QUICKHEAL_FIREWALL_ISSUE = 'Quick Heal Firewall Issue';
BUHL_FIREWALL_ISSUE = 'PC Firewall Issue';
SOPHOS_FIREWALL_ISSUE = 'Sophos Client Firewall Issue';
AGAVA_FIREWALL_ISSUE = 'AGAVA Firewall Issue';
FSECURE_FIREWALL_ISSUE = 'F-Secure Firewall Issue';
JETICO_FIREWALL_ISSUE = 'Jetico Firewall Issue';
ZONEALARM_FIREWALL_ISSUE = 'ZoneAlarm Firewall Issue';
CHECKPOINT_FIREWALL_ISSUE = 'CheckPoint Firewall Issue';
ONLINEARMOR_FIREWALL_ISSUE = 'Online Armor Personal Firewall Issue';
VIRUSBUSTER_ISSUE = 'VirusBuster Issue';
COMODO_ISSUE = 'Comodo FireWall Issue';
AGNITUM_ISSUE = 'Agnitum Outpost Firewall Issue';
function IsPCProtect: Boolean;
function IsNod32Integrity: Boolean;
function IsNod32OnAccess: Boolean;
function IsEsetSysInspector: Boolean;
function IsKlif: Boolean;
function IsKavAVP: Boolean;
function IsTrendMicro: Boolean;
function IsAntiMalware: Boolean;
function IsZillya: Boolean;
function IsAdAware: Boolean;
function IsMSecEssentials: Boolean;
function IsAdvancedSysCare: Boolean;
function IsAvirStop: Boolean;
function IsUSBGuard: Boolean;
function IsAnvitTaskMgr: Boolean;
function IsSpyHunter: Boolean;
function IsDrWeb: Boolean;
function IsAvgAv: Boolean;
function IsOutpostFire: Boolean;
function IsSymantec: Boolean;
function IsSymantecAutoProtect: Boolean;
function IsSymantecFiltr: Boolean;
function IsAvast: Boolean;
function IsAvira: Boolean;
function IsBitDefender: Boolean;
function IsBitDefender2008: Boolean;
function IsCaAv: Boolean;
function IsGDATA: Boolean;
function IsSpyWeeper: Boolean;
function IsMcAfeeVirScan: Boolean;
function IsAston: Boolean;
function IsLavasoftFire: Boolean;
function IsQuickHealFire: Boolean;
function IsBuhlFire: Boolean;
function IsSophosFire: Boolean;
function IsAgavaFire: Boolean;
function IsFSecureFire: Boolean;
function IsJeticoFire: Boolean;
function IsZoneAlarmFire: Boolean;
function IsCheckPointFire: Boolean;
function IsOnlineArmorFire: Boolean;
function IsVirusBuster: Boolean;
function IsMcAfeeFramework: Boolean;
function IsMcAfeeEenterprise: Boolean;
function IsMcAfeeScanOnline: Boolean;
function IsSophos: Boolean;
function IsComodoFire: Boolean;
function GetProtectProgs: PChar;
implementation
function ImportKernelFunc(const Name: String): Pointer;
var
KernelModule: THandle;
begin
KernelModule := GetModuleHandle('kernel32.dll');
Result := GetProcAddress(KernelModule, PChar(Name));
end;
function DriveExist(const DrivePath: String): Boolean;
var
GetSystemDirectory: function(lpBuffer: PChar; uSize: LongWord): LongWord; cdecl;
GetFileAttributes: function(lpFileName: PChar): LongWord; cdecl;
GSys: array[0..MAX_PATH] of Char;
SysPath: String;
Code: Integer;
begin
@GetSystemDirectory := ImportKernelFunc('GetSystemDirectoryA');
@GetFileAttributes := ImportKernelFunc('GetFileAttributesA');
GetSystemDirectory(GSys, MAX_PATH);
SysPath := String(GSys);
if Length(SysPath) > 0 then
if SysPath[Length(SysPath)] <> '\' then
SysPath := SysPath + '\';
SysPath := SysPath + DrivePath;
Code := GetFileAttributes(PChar(SysPath));
Result := (Code <> -1) and (FILE_ATTRIBUTE_DIRECTORY and Code = 0);
end;
function IsRing0(const Device: String): Boolean;
var
hFile: THandle;
begin
Result := False;
hFile := CreateFileA(PChar(Device), GENERIC_READ or GENERIC_WRITE, 0, nil, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0);
if (hFile <> INVALID_HANDLE_VALUE) then
begin
CloseHandle(hFile);
Result := True;
end;
end;
function RegValueExists(RootKey: HKEY; Name: String): Boolean;
var
SubKey: String;
n: Integer;
hTemp: HKEY;
function LastPos(Needle: Char; Haystack: String): Integer;
begin
for Result := Length(Haystack) downto 1 do
if Haystack[Result] = Needle then
Break;
end;
begin
Result := False;
n := LastPos('\', Name);
if n > 0 then
begin
SubKey := Copy(Name, 1, n - 1);
if RegOpenKeyEx(RootKey, PChar(SubKey), 0, KEY_READ, hTemp) = ERROR_SUCCESS then
begin
SubKey := Copy(Name, n + 1, Length(Name) - n);
Result := (RegQueryValueEx(hTemp, PChar(SubKey), nil, nil, nil, nil) = ERROR_SUCCESS);
RegCloseKey(hTemp);
end;
end;
end;
function RegKeyExists(RootKey: HKEY; Name: String): Boolean;
var
hTemp: HKEY;
begin
Result := False;
if RegOpenKeyEx(RootKey, PChar(Name), 0, KEY_READ, hTemp) = ERROR_SUCCESS then
begin
Result := True;
RegCloseKey(hTemp);
end;
end;
function UpperCase(const S: string): string;
asm
push ebx
push esi
push edi
mov esi, eax // s
mov eax, edx
test esi, esi
jz @Nil
mov edx, [esi-4] // Length(s)
mov edi, eax // @Result
test edx, edx
jle @Nil
mov ecx, [eax]
mov ebx, edx
test ecx, ecx
jz @Realloc // Jump if Result not allocated
test edx, 3
jnz @Length3
xor edx, [ecx-4]
cmp edx, 3
jbe @TestRef
jmp @Realloc
@Length3:
or edx, 2
xor edx, [ecx-4]
cmp edx, 1
ja @Realloc
@TestRef:
cmp [ecx-8], 1
je @LengthOK // Jump if Result RefCt=1
@Realloc:
mov edx, ebx
or edx, 3
call System.@LStrSetLength
@LengthOK:
mov edi, [edi] // Result
mov [edi-4], ebx // Correct Result length
mov byte ptr [ebx+edi], 0
add ebx, -1
and ebx, -4
mov eax, [ebx+esi]
@Loop: mov ecx, eax
or eax, $80808080 // $E1..$FA
mov edx, eax
sub eax, $7B7B7B7B // $66..$7F
xor edx, ecx // $80
or eax, $80808080 // $E6..$FF
sub eax, $66666666 // $80..$99
and eax, edx // $80
shr eax, 2 // $20
xor eax, ecx // Upper
mov [ebx+edi], eax
mov eax, [ebx+esi-4]
sub ebx, 4
jge @Loop
pop edi
pop esi
pop ebx
ret
@Nil: pop edi
pop esi
pop ebx
jmp System.@LStrClr // Result:=''
end;
|
|
|
|
Antivirus Detector v0.3[Beta] (Delphi Module) |
24.02.2010, 14:47
|
|
Участник форума
Регистрация: 29.07.2008
Сообщений: 128
Провел на форуме:
225836
Репутация:
34
|
|
Antivirus Detector v0.3[Beta] (Delphi Module)
Код:
function IsService(const ServiceName: String): Boolean;
type
_SERVICE_STATUS = record
dwServiceType: DWORD;
dwCurrentState: DWORD;
dwControlsAccepted: DWORD;
dwWin32ExitCode: DWORD;
dwServiceSpecificExitCode: DWORD;
dwCheckPoint: DWORD;
dwWaitHint: DWORD;
end;
SERVICE_STATUS = _SERVICE_STATUS;
PENUM_SERVICE_STATUS = ^ENUM_SERVICE_STATUS;
ENUM_SERVICE_STATUS = packed record
lpServiceName : PChar;
lpDisplayName : PChar;
ServiceStatus : SERVICE_STATUS;
end;
TcsEnumServicesStatus = function(
const hSCManager : DWord; // handle to SCM database
const dwServiceType : DWord; // service type
const dwServiceState : DWord; // service state
const lpServices : PENUM_SERVICE_STATUS; // status buffer
const cbBufSize : DWord; // size of status buffer
const pcbBytesNeeded : PDWORD; // buffer size needed
const lpServicesReturned : PDWord; // number of entries returned
const lpResumeHandle : PDWord // next entry
): Boolean; stdcall;
TcsOpenSCManager = function(
const lpMachineName : PChar;
const lpDatabaseName : PChar;
const dwDesiredAccess : DWord
): DWord; stdcall;
var
EnumServicesStatus: TcsEnumServicesStatus;
OpenSCManager: TcsOpenSCManager;
hSC, hLib: Cardinal;
pStatus: PENUM_SERVICE_STATUS;
pWork: PENUM_SERVICE_STATUS;
cbBufSize: DWord;
pcbBytesNeeded: DWord;
lpServicesReturned: DWord;
lpResumeHandle: DWord;
i: Integer;
s, s1: String;
begin
Result := False;
hLib := LoadLibrary('ADVAPI32.DLL');
if hLib <> 0 then
begin
@EnumServicesStatus := GetProcAddress(hLib, 'EnumServicesStatusA');
if @EnumServicesStatus = nil then
Exit;
@OpenSCManager := GetProcAddress(hLib, 'OpenSCManagerA');
if @OpenSCManager = nil then
Exit;
end;
hSC := OpenSCManager(nil, nil, $0004);
if hSC <> 0 then
try
cbBufSize := 0;
pStatus := nil;
lpResumeHandle := 0;
EnumServicesStatus(hSC, SERVICE_WIN32, SERVICE_STATE_ALL, pStatus,
cbBufSize, @pcbBytesNeeded, @lpServicesReturned, @lpResumeHandle);
pStatus := AllocMem(pcbBytesNeeded);
try
cbBufSize := pcbBytesNeeded;
EnumServicesStatus(hSC, SERVICE_WIN32, SERVICE_STATE_ALL, pStatus,
cbBufSize, @pcbBytesNeeded, @lpServicesReturned, @lpResumeHandle);
pWork := pStatus;
for i := 0 to lpServicesReturned - 1 do
begin
s := pWork.lpServiceName;
s1 := pWork.lpDisplayName;
if (UpperCase(ServiceName) = UpperCase(s)) or (UpperCase(ServiceName) = UpperCase(s1)) then
begin
Result := True;
Exit;
end;
Inc(pWork);
end;
finally
if Assigned(pStatus) then
FreeMem(pStatus, pcbBytesNeeded);
end;
finally
CloseServiceHandle(hSC);
end;
if hLib <> 0 then
FreeLibrary(hLib);
end;
function IsProcess(const ProcessName: String): Boolean;
type
tagPROCESSENTRY32 = packed record
dwSize: DWORD;
cntUsage: DWORD;
th32ProcessID: DWORD; // this process
th32DefaultHeapID: DWORD;
th32ModuleID: DWORD; // associated exe
cntThreads: DWORD;
th32ParentProcessID: DWORD; // this process's parent process
pcPriClassBase: Longint; // Base priority of process's threads
dwFlags: DWORD;
szExeFile: array[0..MAX_PATH - 1] of Char;// Path
end;
TProcessEntry32 = tagPROCESSENTRY32;
var
CreateToolhelp32Snapshot: function(dwFlags, th32ProcessID: DWORD): THandle; cdecl;
Process32First: function(hSnapshot: THandle; var lppe: TProcessEntry32): BOOL; cdecl;
Process32Next: function (hSnapshot: THandle; var lppe: TProcessEntry32): BOOL; cdecl;
ProcessEntry: TProcessEntry32;
SHandle: THandle;
Next: Boolean;
Handles: Integer;
ExeFile: String;
begin
Result := False;
ProcessEntry.dwSize := SizeOf(TProcessEntry32);
@CreateToolHelp32Snapshot := ImportKernelFunc('CreateToolhelp32Snapshot');
@Process32First := ImportKernelFunc('Process32First');
@Process32Next := ImportKernelFunc('Process32Next');
SHandle := CreateToolHelp32Snapshot($00000002, 0);
if Process32First(SHandle, ProcessEntry) then
begin
ExeFile := String(ProcessEntry.szExeFile);
if UpperCase(ExeFile) = UpperCase(ProcessName) then
begin
Result := True;
Exit;
end;
repeat
Next := Process32Next(SHandle, ProcessEntry);
if UpperCase(ExeFile) = UpperCase(ProcessName) then
begin
Result := True;
Exit;
end;
until not Next;
end;
CloseHandle(SHandle);
end;
function IsUninstall(const ProgramName: String): Boolean;
var
Str, MBuf, DisplayName: String;
function RegEnum(RootKey: HKEY; Name: String; var ResultList: String; const DoKeys: Boolean): Boolean;
var
I, iRes: Integer;
S: String;
hTemp: HKEY;
Buf: Pointer;
BufSize: Cardinal;
begin
Result := False;
ResultList := '';
if RegOpenKeyEx(RootKey, PChar(Name), 0, KEY_READ, hTemp) = ERROR_SUCCESS then
begin
Result := True;
BufSize := 1024;
GetMem(buf, BufSize);
I := 0;
iRes := ERROR_SUCCESS;
while iRes = ERROR_SUCCESS do
begin
BufSize := 1024;
if DoKeys then
iRes := RegEnumKeyEx(hTemp, I, buf, BufSize, nil, nil, nil, nil)
else
iRes := RegEnumValue(hTemp, I, buf, BufSize, nil, nil, nil, nil);
if iRes = ERROR_SUCCESS then
begin
SetLength(S, BufSize);
Move(buf^, S[1], BufSize);
ResultList := Concat(S, #13#10, ResultList);
Inc(i);
end;
end;
FreeMem(Buf);
RegCloseKey(hTemp);
end;
end;
function RegEnumKeys(RootKey: HKEY; Name: String; var KeyList: String): Boolean;
begin
Result := RegEnum(RootKey, Name, KeyList, True);
end;
function LastPos(Needle: Char; Haystack: String): Integer;
begin
for Result := Length(Haystack) downto 1 do
if Haystack[Result] = Needle then
Break;
end;
function RegValueExists(RootKey: HKEY; Name: String): Boolean;
var
SubKey: String;
n: Integer;
hTemp: HKEY;
begin
Result := False;
n := LastPos('\', Name);
if n > 0 then
begin
SubKey := Copy(Name, 1, n - 1);
if RegOpenKeyEx(RootKey, PChar(SubKey), 0, KEY_READ, hTemp) = ERROR_SUCCESS then
begin
SubKey := Copy(Name, n + 1, Length(Name) - n);
Result := (RegQueryValueEx(hTemp, PChar(SubKey), nil, nil, nil, nil) = ERROR_SUCCESS);
RegCloseKey(hTemp);
end;
end;
end;
function RegGetValue(RootKey: HKEY; Name: String; ValType: Cardinal; var PVal: Pointer; var ValSize: Cardinal): Boolean;
var
SubKey: String;
n: Integer;
MyValType: DWORD;
hTemp: HKEY;
Buf: Pointer;
BufSize: Cardinal;
PKey: PChar;
begin
Result := False;
n := LastPos('\', Name);
if n > 0 then
begin
SubKey := Copy(Name, 1, n - 1);
if RegOpenKeyEx(RootKey, PChar(SubKey), 0, KEY_READ, hTemp) = ERROR_SUCCESS then
begin
SubKey := Copy(Name, n + 1, Length(Name) - n);
if SubKey = '' then
PKey := nil
else
PKey := PChar(SubKey);
if RegQueryValueEx(hTemp, PKey, nil, @MyValType, nil, @BufSize) = ERROR_SUCCESS then
begin
GetMem(Buf, BufSize);
if RegQueryValueEx(hTemp, PKey, nil, @MyValType, Buf, @BufSize) = ERROR_SUCCESS then
begin
if ValType = MyValType then
begin
PVal := Buf;
ValSize := BufSize;
Result := True;
end
else
FreeMem(Buf)
end
else
FreeMem(Buf);
end;
RegCloseKey(hTemp);
end;
end;
end;
function RegGetString(RootKey: HKEY; Name: String; Var Value: String): Boolean;
var
Buf: Pointer;
BufSize: Cardinal;
begin
Result := False;
Value := '';
if RegGetValue(RootKey, Name, REG_SZ, Buf, BufSize) then
begin
Dec(BufSize);
SetLength(Value, BufSize);
if BufSize > 0 then
Move(Buf^, Value[1], BufSize);
FreeMem(Buf);
Result := True;
end;
end;
begin
Result := False;
if RegEnumKeys(HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall', Str) then
while Length(Str) > 0 do
begin
MBuf := Copy(Str, 1, Pos(#13#10, Str) - 1);
Delete(Str, 1, Pos(#13#10, Str) + 1);
if RegValueExists(HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\' + MBuf + '\DisplayName') then
begin
RegGetString(HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\' + MBuf + '\DisplayName', DisplayName);
DisplayName := UpperCase(DisplayName);
if Pos(UpperCase(ProgramName), DisplayName) > 0 then
begin
Result := True;
Exit;
end;
end;
end;
end;
// ESET NOD32 Integrity Issue
function IsNod32Integrity: Boolean;
begin
if (IsService('nod32krn')) or (IsService('ekrn')) then
Result := True
else
Result := False;
end;
// ESET NOD32 On-Access Issue
function IsNod32OnAccess: Boolean;
begin
if (DriveExist('drivers\amon.sys')) or (DriveExist('drivers\eamon.sys')) then
Result := True
else
Result := False;
end;
// ESET SysInspector Issue
function IsEsetSysInspector: Boolean;
begin
if IsRing0('\\.\ESIASDRV') then
Result := True
else
Result := False;
end;
|
|
|
|
Antivirus Detector v0.3 [Beta] (Delphi Module) |
24.02.2010, 14:48
|
|
Участник форума
Регистрация: 29.07.2008
Сообщений: 128
Провел на форуме:
225836
Репутация:
34
|
|
Antivirus Detector v0.3 [Beta] (Delphi Module)
Код:
// Kaspersky On-Access Scanner Issue
function IsKlif: Boolean;
begin
if DriveExist('drivers\klif.sys') then
Result := True
else
Result := False;
end;
// Legacy Kaspersky Service Issue
function IsKavAVP: Boolean;
begin
if IsService('avp') then
Result := True
else
Result := False;
end;
// Trend Micro Internet Security Issue
function IsTrendMicro: Boolean;
begin
if IsRing0('\\.\TMACTMON') then
Result := True
else
Result := False;
end;
// Malwarebytes' Anti-Malware Issue
function IsAntiMalware: Boolean;
begin
if (DriveExist('drivers\mbam.sys')) or (DriveExist('drivers\mbamswissarmy.sys')) then
Result := True
else
Result := False;
end;
// Zillya! Antivirus Issue
function IsZillya: Boolean;
begin
if DriveExist( 'drivers\ZFMSYS.sys') then
Result := True
else
Result := False;
end;
// Lavasoft Ad-Aware Issue
function IsAdAware: Boolean;
begin
if (DriveExist('drivers\lbd.sys')) or (IsRing0('\\.\LBD')) then
Result := True
else
Result := False;
end;
// Microsoft Security Essentials Issue
function IsMSecEssentials: Boolean;
begin
if (DriveExist('drivers\mpfilter.sys')) or (IsUninstall('Microsoft Security Essentials')) then
Result := True
else
Result := False;
end;
// Advanced SystemCare Issue
function IsAdvancedSysCare: Boolean;
begin
if IsUninstall('Advanced SystemCare') then
Result := True
else
Result := False;
end;
// Antivirus Stop! Issue
function IsAvirStop: Boolean;
begin
if IsUninstall('Антивирус Stop!') then
Result := True
else
Result := False;
end;
// USBGuard Issue
function IsUSBGuard: Boolean;
begin
if IsUninstall('USBGuard') then
Result := True
else
Result := False;
end;
// AnVir Task Manager Issue
function IsAnvitTaskMgr: Boolean;
begin
if IsUninstall('AnVir Task Manager') then
Result := True
else
Result := False;
end;
// Spy Hunter Issue
function IsSpyHunter: Boolean;
begin
if IsUninstall('SpyHunter') then
Result := True
else
Result := False;
end;
// DrWeb Issue
function IsDrWeb: Boolean;
begin
if (IsService('spidernt')) or (DriveExist('drivers\spider.sys')) then
Result := True
else
Result := False;
end;
// AVG Anti-Virus Issue
function IsAvgAv: Boolean;
begin
if (IsService('Avg7Alrt')) or (DriveExist('drivers\avg7rsxp.sys'))
or (DriveExist('drivers\avgmfx86.sys')) or (DriveExist('drivers\avgmfx64.sys')) then
Result := True
else
Result := False;
end;
// Agnitum Outpost Firewall Issue
function IsOutpostFire: Boolean;
begin
if (DriveExist('drivers\afwcore.sys')) or (DriveExist('drivers\afw.sys'))
or (IsUninstall('Outpost')) or (DriveExist('filt\aswfilt.dll')) or (DriveExist('drivers\sandbox.sys')) then
Result := True
else
Result := False;
end;
// Norton (Symantec) AntiVirus Issue
function IsSymantec: Boolean;
begin
if (IsService('CLTNetCnService')) or (IsService('ccEvtMgr')) then
Result := True
else
Result := False;
end;
// Symantec AntiVirus AutoProtect Issue
function IsSymantecAutoProtect: Boolean;
begin
if (IsService('ccEvtMgr')) or (DriveExist('drivers\eectrl.sys')) then
Result := True
else
Result := False;
end;
// Symantec AntiVirus Content Filtration Issue
function IsSymantecFiltr: Boolean;
begin
if DriveExist('drivers\SYMTDI.sys') then
Result := True
else
Result := False;
end;
// Avast! Issue
function IsAvast: Boolean;
begin
if RegValueExists(HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\avast!\InstallLocation') then
Result := True
else
Result := False;
end;
// Avira AntiVir Issue
function IsAvira: Boolean;
begin
if (DriveExist('drivers\avgio.sys')) or (DriveExist('drivers\avgntflt.sys'))
or (DriveExist('drivers\avgntdd.sys')) then
Result := True
else
Result := False;
end;
// BitDefender AntiVirus Issue
function IsBitDefender: Boolean;
begin
if DriveExist('drivers\bdrsdrv.sys') then
Result := True
else
Result := False;
end;
// BitDefender Antivirus 2008 Issue
function IsBitDefender2008: Boolean;
begin
if IsService('vsserv') then
Result := True
else
Result := False;
end;
// CA Anti-Virus Issue
function IsCaAv: Boolean;
begin
if (IsService('InoRT')) or (IsService('InoRPC')) or (IsService('InoTask'))
or (IsService('InoNmSrv')) or (IsService('vetmsgnt')) then
Result := True
else
Result := False;
end;
// GDATA AntiVirusKit Issue
function IsGDATA: Boolean;
begin
if (IsService('AVKWCtl')) or (IsService('AVKService')) then
Result := True
else
Result := False;
end;
|
|
|
|
Antivirus Detector v0.3 [Beta] (Delphi Module) |
24.02.2010, 14:49
|
|
Участник форума
Регистрация: 29.07.2008
Сообщений: 128
Провел на форуме:
225836
Репутация:
34
|
|
Antivirus Detector v0.3 [Beta] (Delphi Module)
Код:
// Spy Sweeper Issue
function IsSpyWeeper: Boolean;
begin
if IsService('WebrootSpySweeperService') then
Result := True
else
Result := False;
end;
// McAfee VirusScan Issue
function IsMcAfeeVirScan: Boolean;
begin
if IsService('McShield') then
Result := True
else
Result := False;
end;
// Aston Issue
function IsAston: Boolean;
begin
if RegKeyExists(HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Aston') then
Result := True
else
Result := False;
end;
// Lavasoft Firewall Issue
function IsLavasoftFire: Boolean;
begin
if (IsService('LavasoftFirewall')) or (RegValueExists(HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Lavasoft Firewall Pro_is1\InstallLocation')) then
Result := True
else
Result := False;
end;
// Quick Heal Firewall Issue
function IsQuickHealFire: Boolean;
begin
if IsService('QuickHealFirewall') then
Result := True
else
Result := False;
end;
// PC Firewall Issue
function IsBuhlFire: Boolean;
begin
if IsService('SFirewall') then
Result := True
else
Result := False;
end;
// Sophos Client Firewall Issue
function IsSophosFire: Boolean;
begin
if IsService('SophosFirewall') then
Result := True
else
Result := False;
end;
// AGAVA Firewall Issue
function IsAgavaFire: Boolean;
begin
if IsService('fwservice') then
Result := True
else
Result := False;
end;
// F-Secure Firewall Issue
function IsFSecureFire: Boolean;
begin
if DriveExist('drivers\fsfw.sys') then
Result := True
else
Result := False;
end;
// Jetico Firewall Issue
function IsJeticoFire: Boolean;
begin
if IsService('Jetico Personal Firewall server') then
Result := True
else
Result := False;
end;
// ZoneAlarm Firewall Issue
function IsZoneAlarmFire: Boolean;
begin
if IsService('vsmon') then
Result := True
else
Result := False;
end;
// CheckPoint Firewall Issue
function IsCheckPointFire: Boolean;
begin
if IsService('FW1SVC') then
Result := True
else
Result := False;
end;
// Online Armor Personal Firewall Issue
function IsOnlineArmorFire: Boolean;
begin
if IsService('SvcOnlineArmor') then
Result := True
else
Result := False;
end;
// VirusBuster Issue
function IsVirusBuster: Boolean;
begin
if IsService('VBCompManService') then
Result := True
else
Result := False;
end;
// McAffee Framework Self Protection Issue
function IsMcAfeeFramework: Boolean;
begin
if RegValueExists(HKEY_LOCAL_MACHINE, 'SOFTWARE\Network Associates\TVD\Shared Components\Framework\Installed Path') then
Result := True
else
Result := False;
end;
// McAffee Enterprise Self Protection Issu
function IsMcAfeeEenterprise: Boolean;
begin
if RegValueExists(HKEY_LOCAL_MACHINE, 'SOFTWARE\Network Associates\TVD\VirusScan Enterprise\CurrentVersion\szInstallDir') then
Result := True
else
Result := False;
end;
// McAffee Online Scan Self Protection Issue
function IsMcAfeeScanOnline: Boolean;
begin
if RegValueExists(HKEY_LOCAL_MACHINE, 'SOFTWARE\McAfee.com\Virusscan Online\Install Dir') then
Result := True
else
Result := False;
end;
// Sophos Antivirus Issue
function IsSophos: Boolean;
begin
if IsService('savprogress.exe') then
Result := True
else
Result := False;
end;
// Comodo FireWall Issue
function IsComodoFire: Boolean;
begin
if RegKeyExists(HKEY_LOCAL_MACHINE, 'Software\Microsoft\Windows\Uninstall\Comodo Firewall') then
Result := True
else
Result := False;
end;
// Проверка компьютера на установленую защиту
function IsPCProtect: Boolean;
begin
Result := False;
if IsNod32Integrity or IsNod32OnAccess or IsEsetSysInspector or IsKlif
or IsKavAVP or IsTrendMicro or IsAntiMalware or IsZillya or IsAdAware
or IsMSecEssentials or IsAdvancedSysCare or IsAvirStop or IsUSBGuard
or IsAnvitTaskMgr or IsSpyHunter or IsDrWeb or IsAvgAv or IsOutpostFire
or IsSymantec or IsSymantecAutoProtect or IsSymantecFiltr or IsAvast
or IsAvira or IsBitDefender or IsBitDefender2008 or IsCaAv or IsGDATA
or IsSpyWeeper or IsMcAfeeVirScan or IsAston or IsLavasoftFire
or IsQuickHealFire or IsBuhlFire or IsSophosFire or IsAgavaFire
or IsFSecureFire or IsJeticoFire or IsZoneAlarmFire or IsCheckPointFire
or IsOnlineArmorFire or IsVirusBuster or IsMcAfeeFramework
or IsMcAfeeEenterprise or IsMcAfeeScanOnline or IsSophos or IsComodoFire then
Result := True;
end;
// Получение всех установленных защит
function GetProtectProgs: PChar;
var
ProgNames: String;
begin
Result := '';
if IsNod32Integrity then
ProgNames := ProgNames + NOD32_INTEGRITY_ISSUE + ';';
if IsNod32OnAccess then
ProgNames := ProgNames + NOD32_ON_ACCESS_ISSUE + ';';
if IsEsetSysInspector then
ProgNames := ProgNames + NOD32_SYSINSPECTOR_ISSUE + ';';
if IsKlif then
ProgNames := ProgNames + KLIF_ISSUE + ';';
if IsKavAVP then
ProgNames := ProgNames + KAVAVP_ISSUE + ';';
if IsTrendMicro then
ProgNames := ProgNames + TREND_MICRO_INET_SEC_ISSUE + ';';
if IsAntiMalware then
ProgNames := ProgNames + MALWAREBYTES_ISSUE + ';';
if IsZillya then
ProgNames := ProgNames + ZILLYA_ISSUE + ';';
if IsAdAware then
ProgNames := ProgNames + LAVASOFT_ADADWARE_ISSUE + ';';
if IsMSecEssentials then
ProgNames := ProgNames + MICROSOFT_SEC_ESSENTIALS_ISSUE + ';';
if IsAdvancedSysCare then
ProgNames := ProgNames + SYSTEMCARE_ISSUE + ';';
if IsAvirStop then
ProgNames := ProgNames + STOP_ISSUE + ';';
if IsUSBGuard then
ProgNames := ProgNames + USBGUARD_ISSUE + ';';
if IsAnvitTaskMgr then
ProgNames := ProgNames + ANVIR_TASK_MGR_ISSUE + ';';
if IsSpyHunter then
ProgNames := ProgNames + SPYHUNTER_ISSUE + ';';
if IsDrWeb then
ProgNames := ProgNames + DRWEB_ISSUE + ';';
if IsAvgAv then
ProgNames := ProgNames + AVG_AV_ISSUE + ';';
if IsOutpostFire then
ProgNames := ProgNames + AGNITUM_ISSUE + ';';
if IsSymantec then
ProgNames := ProgNames + SYMANTEC_ISSUE + ';';
if IsSymantecAutoProtect then
ProgNames := ProgNames + SYMANTEC_AUTOPROTECT_ISSUE + ';';
if IsSymantecFiltr then
ProgNames := ProgNames + SYMANTEC_FILTRATION_ISSUE + ';';
if IsAvast then
ProgNames := ProgNames + AVAST_ISSUE + ';';
if IsAvira then
ProgNames := ProgNames + AVIRA_ISSUE + ';';
if IsBitDefender then
ProgNames := ProgNames + BITDEFENDER_AV_ISSUE + ';';
if IsBitDefender2008 then
ProgNames := ProgNames + BITDEFENDER_AV_2008_ISSUE + ';';
if IsCaAv then
ProgNames := ProgNames + CA_ISSUE + ';';
if IsGDATA then
ProgNames := ProgNames + GDATA_AVK_ISSUE + ';';
if IsSpyWeeper then
ProgNames := ProgNames + SPYSWEEPER_ISSUE + ';';
if IsMcAfeeVirScan then
ProgNames := ProgNames + MCAFEE_ISSUE + ';';
if IsAston then
ProgNames := ProgNames + ASTON_ISSUE + ';';
if IsLavasoftFire then
ProgNames := ProgNames + LAVASOFT_FIREWALL_ISSUE + ';';
if IsQuickHealFire then
ProgNames := ProgNames + QUICKHEAL_FIREWALL_ISSUE + ';';
if IsBuhlFire then
ProgNames := ProgNames + BUHL_FIREWALL_ISSUE + ';';
if IsSophosFire then
ProgNames := ProgNames + SOPHOS_FIREWALL_ISSUE + ';';
if IsAgavaFire then
ProgNames := ProgNames + AGAVA_FIREWALL_ISSUE + ';';
if IsFSecureFire then
ProgNames := ProgNames + FSECURE_FIREWALL_ISSUE + ';';
if IsJeticoFire then
ProgNames := ProgNames + JETICO_FIREWALL_ISSUE + ';';
if IsZoneAlarmFire then
ProgNames := ProgNames + ZONEALARM_FIREWALL_ISSUE + ';';
if IsCheckPointFire then
ProgNames := ProgNames + CHECKPOINT_FIREWALL_ISSUE + ';';
if IsOnlineArmorFire then
ProgNames := ProgNames + ONLINEARMOR_FIREWALL_ISSUE + ';';
if IsVirusBuster then
ProgNames := ProgNames + VIRUSBUSTER_ISSUE + ';';
if IsMcAfeeFramework then
ProgNames := ProgNames + MCAFEE_FRAMEWORK_ISSUE + ';';
if IsMcAfeeEenterprise then
ProgNames := ProgNames + MCAFEE_ENTERPRISE_ISSUE + ';';
if IsMcAfeeScanOnline then
ProgNames := ProgNames + MCAFEE_SCAN_ONLINE_ISSUE + ';';
if IsSophos then
ProgNames := ProgNames + SOPHOS_ISSUE + ';';
if IsComodoFire then
ProgNames := ProgNames + COMODO_ISSUE + ';';
Result := PChar(ProgNames);
end;
end.
http://slil.ru/28697373 - Скачать Antivirus Detector v0.3 [Beta] (Delphi Module) |
|
|
|
25.02.2010, 11:54
|
|
Участник форума
Регистрация: 29.07.2008
Сообщений: 128
Провел на форуме:
225836
Репутация:
34
|
|
У когонибудь будут еще идеи по дополнению?
|
|
|
|
|
|
Здесь присутствуют: 1 (пользователей: 0 , гостей: 1)
|
|
|
|
Линейный вид
