Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ;==================== GLOBAL VARIABLES ==================
- Global.s Dim output(0)
- Global.s AntiVirus = "AntiVirusProduct"
- Global.s FireWall = "FirewallProduct"
- Global.s AntiSpyware = "AntiSpywareProduct"
- ;==================== GLOBAL VARIABLES ==================
- ;#===========================================================================================#
- ;# Function: explodeStringArray(_Out_ Array, _In_ s, _In_ delimiter) #
- ;#===========================================================================================#
- ;# Brief: Similar to the PHP Function explode(), this function helps you 'explode' a _ #
- ;# string by string. #
- ;#===========================================================================================#
- ;# _Out_ Array = An array that will store the things you split. #
- ;# _In_ s = String that contains the stuff you wanna split. #
- ;# _In_ delimiter = a delimiter used to split the string. #
- ;#===========================================================================================#
- Procedure explodeStringArray(Array a$(1), s$, delimiter$)
- Protected count, i
- count = CountString(s$,delimiter$) + 1
- ;Debug Str(count) + " substrings found"
- Dim a$(count)
- For i = 1 To count
- a$(i - 1) = StringField(s$,i,delimiter$)
- Next
- ProcedureReturn count ;return count of substrings
- EndProcedure
- ;#===========================================================================================#
- ;# Function: getProduct(_In_ ProgID, _In_ Product) #
- ;#===========================================================================================#
- ;# Brief: This function does the actual search for the product(s) you specify. #
- ;#===========================================================================================#
- ;# _In_ ProgID = Valid program handle from WMI Query #
- ;# _In_ ProductType = "AV" or "FW" or "SPY" #
- ;#===========================================================================================#
- Procedure getProduct(ProgID, Product.s)
- Output$ = ""
- If ProgID
- While ProgramRunning(ProgID)
- If AvailableProgramOutput(ProgID)
- Output$ + ReadProgramString(ProgID)
- EndIf
- Wend
- CloseProgram(ProgID) ; *Let's prevent some leakage* Close the connection to the program.
- Debug Output$
- EndIf
- SplittedString$ = ""
- FindStr$ = Left(Output$, 12)
- Occurences$ = Str(CountString(Output$, FindStr$))
- If(Val(Occurences$) = 0)
- MessageRequester("Woops!", "No Security Product(s) Found!")
- Else
- If(Val(Occurences$) >= 1)
- ;This system has more than one Antivirus!" ; Do Split for 1 Security Product <- We want this value :)
- explodeStringArray(output(), Output$, "displayName=")
- If(Product.s = "AV")
- MessageRequester("We've Found an AntiVirus!", output(1))
- EndIf
- If(Product.s = "SPY")
- MessageRequester("We've Found an AntiSpyWare!", output(1))
- EndIf
- If(Product.s = "FW")
- MessageRequester("We've Found a FireWall!", output(1))
- EndIf
- EndIf
- EndIf
- EndProcedure
- ;#===========================================================================================#
- ;# Function: GetSecurityProduct(_In_ Product, _In_ ProductType) #
- ;#===========================================================================================#
- ;# Brief: This function just an WMIC instance in a hidden console, the return is a valid _ #
- ;# Used in getProduct() in order to do the other operations to hunt for security products. #
- ;#===========================================================================================#
- ;# _In_ Product = "AntiVirusProduct" OR "AntiSpywareProduct" OR "FirewallProduct" #
- ;# _In_ ProductType = "AV" or "FW" or "SPY" #
- ;#===========================================================================================#
- Procedure GetSecurityProduct(Product.s, ProductType.s)
- ; WMI CHANGED THE WAY IT BEHAVES FROM VISTA SP2 AND ABOVE, EARLIER "ROOT\SECURITYCENTER" WAS NEEDED, NOW "ROOT\SECURITYCENTER2" IS NEEDED.
- If OSVersion() <= #PB_OS_Windows_Vista
- ProgID = RunProgram("wmic", "/Node:localhost /Namespace:\\root\SecurityCenter Path " + Product + " Get displayName /Format:List", "", #PB_Program_Open | #PB_Program_Read | #PB_Program_Hide)
- getProduct(ProgID, ProductType)
- Else ;Host OS is higher than Vista. We can rest assured and run it with the new WMIC statement :D
- ProgID = RunProgram("wmic", "/Node:localhost /Namespace:\\root\SecurityCenter2 Path " + Product + " Get displayName /Format:List", "", #PB_Program_Open | #PB_Program_Read | #PB_Program_Hide)
- getProduct(ProgID, ProductType)
- EndIf
- EndProcedure
- ;==================== MAIN ==================
- GetSecurityProduct(AntiVirus, "AV")
- GetSecurityProduct(AntiSpyware, "SPY")
- GetSecurityProduct(FireWall, "FW")
- ;==================== MAIN ==================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement