0xNOP

*Updated 3/7/2017*

Mar 7th, 2017
  ;==================== GLOBAL VARIABLES ==================
  ; Shared string array: getProduct() passes it to explodeStringArray(), which
  ; re-dimensions and refills it on every call, so its contents only describe
  ; the most recent query.
  Global.s Dim output(0)
  ; WMI class names. GetSecurityProduct() appends one of these after "Path" on
  ; the wmic command line, so they must stay fixed, trusted values.
  Global.s AntiVirus = "AntiVirusProduct"
  Global.s FireWall = "FirewallProduct"
  Global.s AntiSpyware = "AntiSpywareProduct"
  ;==================== GLOBAL VARIABLES ==================
  7.  
  8.  
  9.  
  10. ;#===========================================================================================#
  11. ;# Function: explodeStringArray(_Out_ Array, _In_ s, _In_ delimiter)                         #
  12. ;#===========================================================================================#
  13. ;# Brief: Similar to the PHP Function explode(), this function helps you 'explode' a _       #
  14. ;# string by string.                                                                         #
  15. ;#===========================================================================================#
  16. ;# _Out_ Array = An array that will store the things you split.                              #
  17. ;# _In_ s = String that contains the stuff you wanna split.                                  #
  18. ;# _In_ delimiter = a delimiter used to split the string.                                    #
  19. ;#===========================================================================================#
  Procedure explodeStringArray(Array a$(1), s$, delimiter$)
    ; Splits s$ on delimiter$ and stores the pieces in a$(), starting at index 0.
    ; The array passed in is re-dimensioned here, so its previous contents are lost.
    ; Returns the number of pieces, i.e. delimiter occurrences + 1.
    Protected pieces, idx

    pieces = 1 + CountString(s$, delimiter$)

    ; Same sizing as before: Dim a$(pieces) gives indices 0..pieces, and the
    ; final slot is left empty.
    Dim a$(pieces)

    idx = 0
    While idx < pieces
      ; StringField() counts fields from 1, the array is filled from 0.
      a$(idx) = StringField(s$, idx + 1, delimiter$)
      idx + 1
    Wend

    ProcedureReturn pieces
  EndProcedure
  31.  
  32. ;#===========================================================================================#
  33. ;# Function: getProduct(_In_ ProgID, _In_ Product)                                           #
  34. ;#===========================================================================================#
  35. ;# Brief: This function does the actual search for the product(s) you specify.               #
  36. ;#===========================================================================================#
  37. ;# _In_ ProgID = Valid program handle from WMI Query                                         #
  38. ;# _In_ Product = "AV" or "FW" or "SPY"                                                      #
  39. ;#===========================================================================================#
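  Procedure getProduct(ProgID, Product.s)
    ; Reads the complete output of the wmic process identified by ProgID, pulls
    ; out every "displayName=" value and reports them in one message box.
    ;
    ; ProgID  = handle returned by RunProgram(); 0 means the program did not start.
    ; Product = "AV", "SPY" or "FW"; selects the message-box title. Any other
    ;           value shows no product message, as before.
    Protected Output$, Names$, Title$, Found, i
    Protected Tag$ = "displayName="

    If ProgID = 0
      ; A failed launch used to be reported as "no product found". Keep the two
      ; cases apart: an absent wmic is not evidence that no product is registered.
      MessageRequester("Woops!", "Could not start the WMIC query!")
      ProcedureReturn
    EndIf

    While ProgramRunning(ProgID)
      If AvailableProgramOutput(ProgID)
        ; Lines are concatenated without a separator; the "displayName=" tag
        ; is what delimits the individual products afterwards.
        Output$ + ReadProgramString(ProgID)
      Else
        Delay(1) ; yield instead of spinning while wmic is still working
      EndIf
    Wend
    CloseProgram(ProgID) ; release the program handle
    Debug Output$

    ; Count the tag itself. The old check counted the first 12 characters of
    ; whatever was printed, so unrelated output was also treated as a product.
    Found = CountString(Output$, Tag$)
    If Found = 0
      MessageRequester("Woops!", "No Security Product(s) Found!")
      ProcedureReturn
    EndIf

    ; After the split, output(0) is the text before the first tag and
    ; output(1)..output(Found) are the product names.
    explodeStringArray(output(), Output$, Tag$)
    For i = 1 To Found
      If Names$ <> ""
        Names$ + #LF$
      EndIf
      Names$ + output(i) ; list every registered product, not only the first
    Next

    Select Product
      Case "AV"
        Title$ = "We've Found an AntiVirus!"
      Case "SPY"
        Title$ = "We've Found an AntiSpyWare!"
      Case "FW"
        Title$ = "We've Found a FireWall!"
    EndSelect

    If Title$ <> ""
      MessageRequester(Title$, Names$)
    EndIf
  EndProcedure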
  75.  
  76. ;#===========================================================================================#
  77. ;# Function: GetSecurityProduct(_In_ Product, _In_ ProductType)                              #
  78. ;#===========================================================================================#
  79. ;# Brief: Runs a WMIC instance in a hidden console; the resulting program handle is passed _ #
  80. ;# to getProduct(), which reads the output and reports the security products found.          #
  81. ;#===========================================================================================#
  82. ;# _In_ Product = "AntiVirusProduct" OR "AntiSpywareProduct" OR "FirewallProduct"            #
  83. ;# _In_ ProductType = "AV" or "FW" or "SPY"                                                  #
  84. ;#===========================================================================================#
  Procedure GetSecurityProduct(Product.s, ProductType.s)
    ; Queries the Windows Security Center WMI namespace for one product class
    ; through wmic and hands the process handle to getProduct().
    ;
    ; Product     = WMI class name placed after "Path" on the wmic command line.
    ; ProductType = "AV", "FW" or "SPY"; passed to getProduct() unchanged.
    ;
    ; Defender note: a hidden wmic.exe whose command line names SecurityCenter or
    ; SecurityCenter2 is the usual process-creation signal for security software
    ; discovery (MITRE ATT&CK T1518.001), so expect EDR tooling to flag this call.
    ;
    ; NOTE(review): Product is concatenated into the argument string unchecked.
    ; That is fine for the three fixed globals used in this file; any other
    ; caller should check it against those class names first.
    ; NOTE(review): "wmic" is resolved through the normal search path; the full
    ; %SystemRoot%\System32\wbem\WMIC.exe path would avoid picking up another
    ; binary of the same name. wmic is also deprecated on current Windows and may
    ; be absent, in which case RunProgram() returns 0.
    Protected Namespace$, Arguments$, ProgID

    ; The legacy namespace is used up to and including Vista, the newer one on
    ; everything later.
    ; NOTE(review): the original remark says SecurityCenter2 is needed from
    ; Vista SP2 on, yet this comparison treats every Vista build as legacy - confirm.
    If OSVersion() > #PB_OS_Windows_Vista
      Namespace$ = "\\root\SecurityCenter2"
    Else
      Namespace$ = "\\root\SecurityCenter"
    EndIf

    Arguments$ = "/Node:localhost /Namespace:" + Namespace$ + " Path " + Product + " Get displayName /Format:List"

    ; Open + Read so the output can be captured, Hide so no console window appears.
    ProgID = RunProgram("wmic", Arguments$, "", #PB_Program_Open | #PB_Program_Read | #PB_Program_Hide)
    getProduct(ProgID, ProductType)
  EndProcedure
  96.  
  ;==================== MAIN ==================
  ; One query per product class, run in sequence. Each call starts its own
  ; hidden wmic process and ends with a message box from getProduct().
  GetSecurityProduct(AntiVirus, "AV")
  GetSecurityProduct(AntiSpyware, "SPY")
  GetSecurityProduct(FireWall, "FW")
  ;==================== MAIN ==================