Monday, November 30, 2009

Exploiting GetTickCount

I have lately started collecting material on detecting debuggers. Here's a sample snippet that can be used to tell whether a debugger is attached to your program. It uses the GetTickCount function as a timing check: the tick count is read twice in a row, and if too much time passed between the two reads, something (such as a debugger stepping through the code) must have paused the program in between.

.386
.model flat, stdcall
option casemap:none

include \masm32\include\windows.inc
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib

; CTEXT: place a zero-terminated string in the CONST segment and
; return its offset, so a literal can be passed straight to invoke
CTEXT MACRO y:VARARG
    LOCAL sym
    CONST segment
        IFIDNI <y>,<>
            sym db 0
        ELSE
            sym db y,0
        ENDIF
    CONST ends
    EXITM <OFFSET sym>
ENDM

.data?
Tick dd ?                  ; first GetTickCount reading

.code
start:
    invoke GetTickCount
    mov Tick, eax          ; save the first reading
    invoke GetTickCount
    sub eax, Tick          ; eax = milliseconds elapsed between the two calls (32-bit, so wrap-safe)
    .IF eax > 1            ; more than 1 ms between two adjacent calls: somebody paused us
        invoke MessageBox, NULL, CTEXT("Debugger Present"), CTEXT("Quit the Debugger"), MB_OK
    .ELSE
        invoke MessageBox, NULL, CTEXT("No Debugger"), CTEXT("Program successfully exited"), MB_OK
    .ENDIF
    invoke ExitProcess, 0
end start

But keep in mind that this is a very basic way of spotting a debugger, and it only fires when you single-step, or hit a breakpoint, between the two GetTickCount calls. If the debugger simply runs straight through this part of the code, both calls return the same tick value and the check passes, so the debugger goes unnoticed. Try it for yourself.

What the code does is call GetTickCount twice and compare the results: the first value is saved in Tick, the second is left in eax, and `sub eax, Tick` gives the number of milliseconds that elapsed between the two calls. GetTickCount has a coarse resolution (typically 10 to 16 ms), so two back-to-back calls in a program that is running normally almost always return the same value, and the elapsed count is 0. Only a pause of at least a tick or two pushes the difference above 1. Because the subtraction is done in 32 bits, the check also survives the counter wrapping around (which happens roughly every 49.7 days). Note that the check is trivial to defeat once spotted: patch the comparison, or hook GetTickCount to return whatever the program expects. See the GetTickCount documentation for details on its resolution and wrap-around.
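The same timing check in portable C, added here as an example and not part of the original post: on Windows it reads the real GetTickCount, on other platforms CLOCK_MONOTONIC stands in for it (an assumption made for the demo). A scripted fake clock lets you exercise the "paused" and "not paused" cases, including a counter wrap, without attaching a debugger.

```c
/* Added example (not from the original post): the GetTickCount timing check
 * in portable C, with a fake clock so the pause/no-pause cases can be
 * exercised without a debugger. On Windows it reads the real GetTickCount;
 * elsewhere CLOCK_MONOTONIC stands in for it (an assumption for the demo). */
#define _POSIX_C_SOURCE 200809L
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#ifdef _WIN32
#include <windows.h>
static uint32_t tick_ms(void) { return (uint32_t)GetTickCount(); }
#else
#include <time.h>
/* Millisecond tick truncated to 32 bits, mimicking GetTickCount's wrap. */
static uint32_t tick_ms(void)
{
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return (uint32_t)((uint64_t)ts.tv_sec * 1000u + (uint64_t)ts.tv_nsec / 1000000u);
}
#endif

typedef uint32_t (*tick_fn)(void);

/* Elapsed ticks between two reads. Unsigned 32-bit subtraction is exactly
 * what `sub eax, Tick` does, so a wrap past 0xFFFFFFFF still yields the
 * correct (small) delta. */
uint32_t tick_delta(uint32_t before, uint32_t after)
{
    return after - before;
}

/* The check from the post: read the tick twice back to back and flag a
 * debugger if more than threshold_ms elapsed. A single-step or breakpoint
 * between the reads inflates the delta; running straight through does not. */
bool debugger_paused(tick_fn now, uint32_t threshold_ms)
{
    uint32_t first = now();
    uint32_t second = now();
    return tick_delta(first, second) > threshold_ms;
}

/* Fake tick source (constructed for the demo): returns two scripted values
 * so a pause between the reads can be simulated deterministically. */
static uint32_t fake_ticks[2];
static int fake_idx;
static uint32_t fake_tick(void) { return fake_ticks[fake_idx++]; }

/* Run the check against two scripted tick readings. */
bool simulate(uint32_t first, uint32_t second, uint32_t threshold_ms)
{
    fake_ticks[0] = first;
    fake_ticks[1] = second;
    fake_idx = 0;
    return debugger_paused(fake_tick, threshold_ms);
}

static const char *verdict(bool paused)
{
    return paused ? "Debugger Present" : "No Debugger";
}

int main(void)
{
    /* Real clock, no debugger: two adjacent reads differ by 0 (or 1) ms. */
    printf("real clock, no pause:          %s\n", verdict(debugger_paused(tick_ms, 1)));
    /* Scripted: identical readings, the normal case when running freely. */
    printf("scripted 1000 -> 1000:         %s\n", verdict(simulate(1000, 1000, 1)));
    /* Scripted: one 16 ms tick passed, e.g. a single-step between the calls. */
    printf("scripted 1000 -> 1016:         %s\n", verdict(simulate(1000, 1016, 1)));
    /* Scripted: counter wrapped; 32-bit subtraction still gives 21 ms. */
    printf("scripted wrap 0xFFFFFFF0 -> 5: %s\n", verdict(simulate(0xFFFFFFF0u, 5, 1)));
    return 0;
}
```

The threshold of 1 ms matches the `.IF eax > 1` in the assembly; raising it would make the check more tolerant of an ordinary context switch landing between the two reads, at the cost of missing a very quick step.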

Post your own debugger-detection methods as well ;)
