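from ctypes import *
import sys
import struct

# Status query against the avast! self-protection driver device.
#
# Opens the device, asks whether self-protection is enabled and, if so,
# probes PIDs 4..4092 (step 4) to print the ones the driver reports as
# trusted.
#
# The two control codes below are taken as-is from the original script.
# Their meaning is inferred only from the messages this script prints and
# is not verified here.
# NOTE(review): whether a non-administrative caller may open this device
# is not visible here. If it may, the trusted-PID list is readable by any
# local process -- confirm against the driver's device ACL.

DEVICE_PATH = b'\\\\.\\aswSP_Open'
MAXIMUM_ALLOWED = 0x02000000
FILE_SHARE_READ_WRITE = 3      # FILE_SHARE_READ | FILE_SHARE_WRITE
OPEN_EXISTING = 3
IOCTL_QUERY_ENABLED = 0xb2d60190       # name is descriptive only (inferred)
IOCTL_QUERY_TRUSTED_PID = 0xb2d600cc   # name is descriptive only (inferred)

# use_last_error=True makes ctypes capture GetLastError() right after each
# call. Calling windll.kernel32.GetLastError() separately can return a value
# already overwritten by the interpreter.
kernel32 = WinDLL('kernel32', use_last_error=True)

# Explicit prototypes: without them ctypes treats the returned HANDLE as a
# C int, which truncates it on 64-bit Python.
kernel32.CreateFileA.argtypes = [c_char_p, c_ulong, c_ulong, c_void_p,
                                 c_ulong, c_ulong, c_void_p]
kernel32.CreateFileA.restype = c_void_p
kernel32.DeviceIoControl.argtypes = [c_void_p, c_ulong, c_void_p, c_ulong,
                                     c_void_p, c_ulong, POINTER(c_ulong),
                                     c_void_p]
kernel32.DeviceIoControl.restype = c_int
kernel32.CloseHandle.argtypes = [c_void_p]
kernel32.CloseHandle.restype = c_int

INVALID_HANDLE_VALUE = c_void_p(-1).value


def _ioctl_dword(handle, code, in_bytes=None):
    """Issue one IOCTL and return the 32-bit little-endian result.

    Returns None when DeviceIoControl fails or the driver returns fewer
    than four bytes, so a failed call is never mistaken for an answer of 0.
    """
    if in_bytes:
        in_buf = create_string_buffer(in_bytes, len(in_bytes))
        in_len = len(in_bytes)
    else:
        in_buf = None
        in_len = 0
    # A mutable ctypes buffer is required here: the original passed an
    # immutable bytes object as the output buffer, so the driver wrote into
    # a Python constant that later iterations could reuse.
    out_buf = create_string_buffer(4)
    returned = c_ulong(0)
    ok = kernel32.DeviceIoControl(handle, code, in_buf, in_len,
                                  out_buf, sizeof(out_buf),
                                  byref(returned), None)
    if not ok or returned.value < sizeof(out_buf):
        return None
    return struct.unpack('<I', out_buf.raw)[0]


hDevice = kernel32.CreateFileA(DEVICE_PATH,
                               MAXIMUM_ALLOWED,
                               FILE_SHARE_READ_WRITE,
                               None,
                               OPEN_EXISTING,
                               0,
                               None)
# restype c_void_p maps a NULL handle to None.
if hDevice is None or hDevice == INVALID_HANDLE_VALUE:
    print('0x%08x' % (get_last_error()))
    sys.exit(0)  # exit status 0 kept from the original script

try:
    Enabled = _ioctl_dword(hDevice, IOCTL_QUERY_ENABLED)
    if Enabled is None:
        # The query itself failed: report the error code instead of
        # printing a misleading "not enabled".
        print('0x%08x' % (get_last_error()))
        sys.exit(0)
    if Enabled == 0:
        print('avast! Self Protection is not enabled')
    else:
        print('avast! Self Protection is enabled')
        print('List of trusted PIDs:')
        for Pid in range(4, 4096, 4):
            Trusted = _ioctl_dword(hDevice, IOCTL_QUERY_TRUSTED_PID,
                                   struct.pack('<I', Pid))
            # None (failed query) and 0 (not trusted) are both skipped.
            if Trusted:
                print(' %4d' % (Pid))
finally:
    # Release the handle on every path, including sys.exit().
    kernel32.CloseHandle(hDevice)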