Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Powershell script for determining if a machine is running NOD32 or SEV
- # Written by Thomas York
- # Last modified 11/10/2010
- # Declarations
- $startip = "100"
- $endip = "200"
- $network = "10.1.1."
- $AV = @{}
- $hostname = @{}
- # Declare a new ping object
- $ping = new-object System.Net.NetworkInformation.Ping
- # First, we try to ping all of the machines in the defined network
- # If they are up, we will try to browse their filesystem(s) to see what AV they have
- for ($i=[int]$startip; $i -le $endip; $i++) {# Loop start
- # Ping the host
- $go = $ping.send($network + $i.ToString())
- $result = $go.status
- # See if the ping worked
- if ($result -match "Success") {
- $ip = $network + $i.ToString()
- # Determine machine name via WMI
- if ($dsk = Get-WmiObject -namespace root\cimv2 -class Win32_ComputerSystem -computername $ip) { # WMI worked
- foreach ($drive in $dsk) { # Loop through WMI results
- $hostname.Add("$ip", "$drive.Name")
- }
- } else { # WMI Failed
- $hostname.Add("$ip", "UNKNOWN")
- }
- # AV checks
- if (Test-Path "\\$network$i\c$\Program Files\ESET") { # Test for NOD32
- write-host "NOD32 " -foregroundcolor green -nonewline
- write-host "found on $hostname[$ip] ($ip)"
- $AV.Add("$ip", "NOD32")
- } else { # No NOD32...
- if ((Test-Path "\\$network$i\c$\Program Files\Symantec AntiVirus") -or (Test-Path "\\$network$i\c$\Program Files\Symantec\Symantec Endpoint Protection") -or (Test-Path "\\$network$i\c$\Program Files\Symantec\LiveUpdate")){ # Test for Symantec
- write-host "Symantec (or LiveUpdate) " -foregroundcolor red -nonewline
- write-host "found on $hostnamei[$ip] ($ip)"
- $AV.Add("$ip", "Symantec")
- } else { # No AV or some other AV
- write-host "No known AV detected on $hostname[$ip] ($ip)"
- $AV.Add("$ip", "None")
- }
- }
- } else { # Ping fails
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
