Detect VirtualPC (The "x0Fx3F" TRICK)

1. //http://waleedassar.blogspot.com (@waleedassar)
2. //If running inside VirtualPC, the Illegal Instruction exception will be swallowed and no exception is raised.
3. // In this code "\x0f\x3F\x07\x0B" is used, other "\x0F\x3F\xXX\xXX" are also working.
4. //For more: http://pastebin.com/VDDRcmdL
5. #include "stdafx.h"
6. #include "windows.h"
7. #include "stdio.h"
8.  
9. bool x=false;
10.  
11. int __cdecl Handler(EXCEPTION_RECORD* pRec,void* est,unsigned char* pContext,void* disp)
12. {
13.       x=true;
14.       (*(unsigned long*)(pContext+0xB8))+=4;
15.       return ExceptionContinueExecution;
16. }
17.  
18. int main(int argc, char* argv[])
19. {
20.     __asm
21.     {
22.         push offset Handler
23.         push dword ptr fs:[0x0]
24.         mov dword ptr fs:[0x0],esp
25.         __emit 0Fh
26.         __emit 3Fh
27.         __emit 07h
28.         __emit 0Bh
29.     }
30.     if(x==false)
31.     {
32.         MessageBox(0,"VirtualPC detected","waliedassar",0);
33.         ExitProcess(0);
34.     }
35.  
36.     __asm
37.     {
38.         pop dword ptr fs:[0x0]
39.         pop eax
40.     }
41.     return 0;
42. }