0xNOP

*Updated 4/5/2016*

Mar 6th, 2017
698
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. ; English Forum: https://forum.tuts4you.com/
  2. ; Author: 0xNOP
  3. ; Date: 6.April.2016
  4. ; OS: Windows
  5. ; Demo: No
  6.  
  7. Global.s Dim output(0)
  8.  
  9. Procedure explodeStringArray(Array a$(1), s$, delimeter$)
  10.   Protected count, i
  11.   count = CountString(s$,delimeter$) + 1
  12.  
  13.   ;Debug Str(count) + " substrings found"
  14.   Dim a$(count)
  15.   For i = 1 To count
  16.     a$(i - 1) = StringField(s$,i,delimeter$)
  17.   Next
  18.   ProcedureReturn count ;return count of substrings
  19. EndProcedure
  20.  
  21. Procedure getAV(ID.i)
  22.   Output$ = ""
  23.   ProgID = ID
  24. If ProgID
  25.   While ProgramRunning(ProgID)
  26.     If AvailableProgramOutput(ProgID)
  27.       Output$ + ReadProgramString(ProgID)
  28.     EndIf
  29.   Wend
  30.   CloseProgram(ProgID) ; Close the connection to the program
  31. EndIf
  32. SplittedString$ = ""
  33. FindStr$ = Left(Output$, 12)
  34. Occurences$ = Str(CountString(Output$, FindStr$))
  35. If(Val(Occurences$) = 0)
  36.   MessageRequester("Woops!", "No Antivirus Found!")
  37. Else
  38.   If(Val(Occurences$) >= 1)
  39.     ;This system has more than one Antivirus!" ; Do Split for 1 antivirus <- We want this value :)
  40.     explodeStringArray(output(), Output$, "displayName=")
  41.     MessageRequester("We've Got a Hit!", "Installed: " + output(1))
  42.   EndIf
  43. EndIf
  44. EndProcedure
  45.  
  46. ; I've read that WMI changed the way it behaves from Vista SP2 and above, earlier "root\SecurityCenter" was needed, now "root\SecurityCenter2" is needed.
  47.  
  48. If OSVersion() <= #PB_OS_Windows_Vista
  49.   ID = RunProgram("wmic", "/Node:localhost /Namespace:\\root\SecurityCenter Path AntiVirusProduct Get displayName /Format:List", "", #PB_Program_Open | #PB_Program_Read | #PB_Program_Hide)
  50.   getAV(ID)
  51. Else ;Host OS is higher than Vista. We can rest assured and run it with the new WMIC statement :D
  52.   ID = RunProgram("wmic", "/Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName /Format:List", "", #PB_Program_Open | #PB_Program_Read | #PB_Program_Hide)
  53.   getAV(ID)
  54. EndIf
RAW Paste Data