delphi - Determine when running in a virtual machine

Question

Is there an official way for an application to determine if it is running in VMWare or Virtual PC (or whatever Microsoft is calling it now)? The code I have seen is usually a hack that took advantage of some odd behavioral side effect in a specific version of VMWare or Virtual PC.

Ideally Delphi code, but if you can link to an official explanation then I am sure I can convert it.

question from:https://stackoverflow.com/questions/779723/determine-when-running-in-a-virtual-machine

Answer 1

I wrote a series of articles last year on this, with source code. VMware and Wine detection are here. Virtual PC is here. All three of these have pretty iron-clad detection because there are documented callbacks to the hypervisor (in the case of Wine, an extension to a standard DLL). I put up an untested VirtualBox detector (don't have it installed to test with) in the comment section. Parallels might be detectable using a callback also but I don't have it installed. The link for the documentation (which is poor since it's from a security researcher focusing on exploits) but located here if you have it installed and are interested. There's also a PPT here that has some information on detecting Sandbox, Bochs, and Xen. Not a lot of code in it but it might give you a starting point if you have to detect those.