检查是否存在以下注册表路径: |
检测 | 注册表路径(registry path) | 细节(如果有的话) |
[general] | HKLM\Software\Classes\Folder\shell\sandbox |
|
Hyper-V | HKLM\SOFTWARE\Microsoft\Hyper-V |
|
HKLM\SOFTWARE\Microsoft\VirtualMachine |
|
HKLM\SOFTWARE\Microsoft\Virtual Machine\Guest\Parameters | 通常 "HostName "和 "VirtualMachineName "的值是在这个路径下读取的。 |
HKLM\SYSTEM\ControlSet001\Services\vmicheartbeat |
|
HKLM\SYSTEM\ControlSet001\Services\vmicvss |
|
HKLM\SYSTEM\ControlSet001\Services\vmicshutdown |
|
HKLM\SYSTEM\ControlSet001\Services\vmicexchange |
|
Parallels | HKLM\SYSTEM\CurrentControlSet\Enum\PCI\VEN_1AB8* | 子键有以下结构 VEN_XXXX&DEV_YYYY&SUBSYS_ZZZZ&REV_WW |
Sandboxie | HKLM\SYSTEM\CurrentControlSet\Services\SbieDrv |
|
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sandboxie |
|
VirtualBox | HKLM\SYSTEM\CurrentControlSet\Enum\PCI\VEN_80EE* | 子键有以下结构: VEN_XXXX&DEV_YYYY&SUBSYS_ZZZZ&REV_WW |
HKLM\HARDWARE\ACPI\DSDT\VBOX__ |
|
HKLM\HARDWARE\ACPI\FADT\VBOX__ |
|
HKLM\HARDWARE\ACPI\RSDT\VBOX__ |
|
HKLM\SOFTWARE\Oracle\VirtualBox Guest Additions |
|
HKLM\SYSTEM\ControlSet001\Services\VBoxGuest |
|
HKLM\SYSTEM\ControlSet001\Services\VBoxMouse |
|
HKLM\SYSTEM\ControlSet001\Services\VBoxService |
|
HKLM\SYSTEM\ControlSet001\Services\VBoxSF |
|
HKLM\SYSTEM\ControlSet001\Services\VBoxVideo |
|
VirtualPC | HKLM\SYSTEM\CurrentControlSet\Enum\PCI\VEN_5333* | 子键有以下结构: VEN_XXXX&DEV_YYYY&SUBSYS_ZZZZ&REV_WW |
HKLM\SYSTEM\ControlSet001\Services\vpcbus |
|
HKLM\SYSTEM\ControlSet001\Services\vpc-s3 |
|
HKLM\SYSTEM\ControlSet001\Services\vpcuhub |
|
HKLM\SYSTEM\ControlSet001\Services\msvmmouf |
|
VMware | HKLM\SYSTEM\CurrentControlSet\Enum\PCI\VEN_15AD* | 子键有以下结构: VEN_XXXX&DEV_YYYY&SUBSYS_ZZZZ&REV_WW |
HKCU\SOFTWARE\VMware, Inc.\VMware Tools |
|
HKLM\SOFTWARE\VMware, Inc.\VMware Tools |
|
HKLM\SYSTEM\ControlSet001\Services\vmdebug |
|
HKLM\SYSTEM\ControlSet001\Services\vmmouse |
|
HKLM\SYSTEM\ControlSet001\Services\VMTools |
|
HKLM\SYSTEM\ControlSet001\Services\VMMEMCTL |
|
HKLM\SYSTEM\ControlSet001\Services\vmware |
|
HKLM\SYSTEM\ControlSet001\Services\vmci |
|
HKLM\SYSTEM\ControlSet001\Services\vmx86 |
|
HKLM\SYSTEM\CurrentControlSet\Enum\IDE\CdRomNECVMWar_VMware_IDE_CD* |
|
HKLM\SYSTEM\CurrentControlSet\Enum\IDE\CdRomNECVMWar_VMware_SATA_CD* |
|
HKLM\SYSTEM\CurrentControlSet\Enum\IDE\DiskVMware_Virtual_IDE_Hard_Drive* |
|
HKLM\SYSTEM\CurrentControlSet\Enum\IDE\DiskVMware_Virtual_SATA_Hard_Drive* |
|
Wine | HKCU\SOFTWARE\Wine |
|
HKLM\SOFTWARE\Wine |
|
Xen | HKLM\HARDWARE\ACPI\DSDT\xen |
|
HKLM\HARDWARE\ACPI\FADT\xen |
|
HKLM\HARDWARE\ACPI\RSDT\xen |
|
HKLM\SYSTEM\ControlSet001\Services\xenevtchn |
|
HKLM\SYSTEM\ControlSet001\Services\xennet |
|
HKLM\SYSTEM\ControlSet001\Services\xennet6 |
|
HKLM\SYSTEM\ControlSet001\Services\xensvc |
|
HKLM\SYSTEM\ControlSet001\Services\xenvdb | |
检查以下注册表值是否包含以下字符串(不区分大小写: |
Detect | 注册表路径 | 注册表键值 | 字符串 |
[general] | HKLM\HARDWARE\Description\System | SystemBiosDate | 06/23/99 |
HKLM\HARDWARE\Description\System\BIOS | SystemProductName | A M I |
BOCHS | HKLM\HARDWARE\Description\System | SystemBiosVersion | BOCHS |
HKLM\HARDWARE\Description\System | VideoBiosVersion | BOCHS |
Anubis | HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion | ProductID | 76487-337-8429955-22614 |
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion | ProductID | 76487-337-8429955-22614 |
CwSandbox | HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion | ProductID | 76487-644-3177037-23510 |
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion | ProductID | 76487-644-3177037-23510 |
JoeBox | HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion | ProductID | 55274-640-2673064-23950 |
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion | ProductID | 55274-640-2673064-23950 |
Parallels | HKLM\HARDWARE\Description\System | SystemBiosVersion | PARALLELS |
HKLM\HARDWARE\Description\System | VideoBiosVersion | PARALLELS |
QEMU | HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical Unit Id 0 | Identifier | QEMU |
HKLM\HARDWARE\Description\System | SystemBiosVersion | QEMU |
HKLM\HARDWARE\Description\System | VideoBiosVersion | QEMU |
HKLM\HARDWARE\Description\System\BIOS | SystemManufacturer | QEMU |
VirtualBox | HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical Unit Id 0 | Identifier | VBOX |
HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 1\Scsi Bus 0\Target Id 0\Logical Unit Id 0 | Identifier | VBOX |
HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 2\Scsi Bus 0\Target Id 0\Logical Unit Id 0 | Identifier | VBOX |
HKLM\HARDWARE\Description\System | SystemBiosVersion | VBOX |
HKLM\HARDWARE\Description\System | VideoBiosVersion | VIRTUALBOX |
HKLM\HARDWARE\Description\System\BIOS | SystemProductName | VIRTUAL |
HKLM\SYSTEM\ControlSet001\Services\Disk\Enum | DeviceDesc | VBOX |
HKLM\SYSTEM\ControlSet001\Services\Disk\Enum | FriendlyName | VBOX |
HKLM\SYSTEM\ControlSet002\Services\Disk\Enum | DeviceDesc | VBOX |
HKLM\SYSTEM\ControlSet002\Services\Disk\Enum | FriendlyName | VBOX |
HKLM\SYSTEM\ControlSet003\Services\Disk\Enum | DeviceDesc | VBOX |
HKLM\SYSTEM\ControlSet003\Services\Disk\Enum | FriendlyName | VBOX |
HKLM\SYSTEM\CurrentControlSet\Control\SystemInformation | SystemProductName | VIRTUAL |
HKLM\SYSTEM\CurrentControlSet\Control\SystemInformation | SystemProductName | VIRTUALBOX |
VMware | HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 0\Target Id 0\Logical Unit Id 0 | Identifier | VMWARE |
HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 1\Scsi Bus 0\Target Id 0\Logical Unit Id 0 | Identifier | VMWARE |
HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 2\Scsi Bus 0\Target Id 0\Logical Unit Id 0 | Identifier | VMWARE |
HKLM\HARDWARE\Description\System | SystemBiosVersion | VMWARE |
HKLM\HARDWARE\Description\System | SystemBiosVersion | INTEL - 6040000 |
HKLM\HARDWARE\Description\System | VideoBiosVersion | VMWARE |
HKLM\HARDWARE\Description\System\BIOS | SystemProductName | VMware |
HKLM\SYSTEM\ControlSet001\Services\Disk\Enum | 0 | VMware |
HKLM\SYSTEM\ControlSet001\Services\Disk\Enum | 1 | VMware |
HKLM\SYSTEM\ControlSet001\Services\Disk\Enum | DeviceDesc | VMware |
HKLM\SYSTEM\ControlSet001\Services\Disk\Enum | FriendlyName | VMware |
HKLM\SYSTEM\ControlSet002\Services\Disk\Enum | DeviceDesc | VMware |
HKLM\SYSTEM\ControlSet002\Services\Disk\Enum | FriendlyName | VMware |
HKLM\SYSTEM\ControlSet003\Services\Disk\Enum | DeviceDesc | VMware |
HKLM\SYSTEM\ControlSet003\Services\Disk\Enum | FriendlyName | VMware |
HKCR\Installer\Products | ProductName | vmware tools |
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | DisplayName | vmware tools |
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | DisplayName | vmware tools |
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall | DisplayName | vmware tools |
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000 | CoInstallers32 | *vmx* |
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000 | DriverDesc | VMware* |
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000 | InfSection | vmx* |
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000 | ProviderName | VMware* |
HKLM\SYSTEM\ControlSet001\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0000\Settings | Device Description | VMware* |
HKLM\SYSTEM\CurrentControlSet\Control\SystemInformation | SystemProductName | VMWARE |
HKLM\SYSTEM\CurrentControlSet\Control\Video\{GUID}\Video | Service | vm3dmp |
HKLM\SYSTEM\CurrentControlSet\Control\Video\{GUID}\Video | Service | vmx_svga |
HKLM\SYSTEM\CurrentControlSet\Control\Video\{GUID}\0000 | Device Description | VMware SVGA* |
Xen | HKLM\HARDWARE\Description\System\BIOS | SystemProductName | Xen |