Danyfirex

VirusTotal API 2.0 UDF

49 posts in this topic




A nice idea and UDF. May I provide some suggestions?

; Firstly, Global variables should be at the top a script and not in a function.
; Secondly, how about removing Global variables and doing something like this?

Global Const $__sVirusTotal_Page = 'www.virustotal.com'

Func Example()
    Local $hVirusTotal = VT_Open() ; Pass the 'handle' to the appropriate functions.
    ConsoleWrite(VT_Url_Scan($hVirusTotal, 'someurl.com', 'API') & @CRLF)
    VT_Close($hVirusTotal) ; Pass the 'handle' from $hVirusTotal.
EndFunc   ;==>Example

Func VT_Open() ; Pass
    Local Enum $eAPI_HttpOpen, $eAPI_HttpConnect ; These could be in the Global space too.
    Local $aAPI[2] = [0, 0]
    $aAPI[$eAPI_HttpOpen] = _WinHttpOpen()
    If @error Then $aAPI[$eAPI_HttpOpen] = -1
    $aAPI[$eAPI_HttpConnect] = _WinHttpConnect($aAPI[$eAPI_HttpOpen], $__sVirusTotal_Page)
    If @error Then $aAPI[$eAPI_HttpConnect] = -1
    Return $aAPI
EndFunc   ;==>VT_Open

Func VT_Close(ByRef Const $aAPI)
    Local Enum $eAPI_HttpOpen, $eAPI_HttpConnect ; These could be in the Global space too.
    _WinHttpCloseHandle($aAPI[$eAPI_HttpOpen])
    _WinHttpCloseHandle($aAPI[$eAPI_HttpConnect])
    Return True
EndFunc   ;==>VT_Close

Func VT_Url_Scan(ByRef $aAPI, $sURL, $sAPIkey)
    Local Enum $eAPI_HttpOpen, $eAPI_HttpConnect ; These could be in the Global space too.
    If $aAPI[$eAPI_HttpConnect] = -1 Then $aAPI = VT_Open() ; Check if HttpConnect isn't -1, if it is then connect to VirusTotal.
    Return _WinHttpSimpleRequest($aAPI[$eAPI_HttpConnect], 'POST', '/vtapi/v2/url/scan', Default, 'url=' & $sURL & '&key=' & $sAPIkey)
EndFunc   ;==>VT_Url_Scan
1 person likes this

_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 04/09/2015

Share this post


Link to post
Share on other sites

Nice start!

Do you have any plans to marry it up to one of the JSON UDFs to extract the info?

Have fun!

John Morrison

Share this post


Link to post
Share on other sites

Thanks mates.

 

A nice idea and UDF. May I provide some suggestions?

...

 

Thanks for your suggestions I'will update it. maybe use JSON UDF to Get response returns Error too.

 

I thought some like this for Http 

 

If @Error Return SetError(@Error,0,0)

or 

Simple return @error

obvious I need split the response to manage page returns.

regards

Share this post


Link to post
Share on other sites

Hello,

thanks, very useful, How can I connect through a proxy?

Share this post


Link to post
Share on other sites

Hello,

thanks, very useful, How can I connect through a proxy?

 

change  _WinHttpOpen parameters.

_WinHttpOpen([$sUserAgent = Default [, $iAccessType = Default [, $sProxyName = Default [, $sProxyBypass = Default [, $iFlag = Default ]]]]])

regards

Share this post


Link to post
Share on other sites

Hello,

I tried, but no way. Impossible to connect,!

Share this post


Link to post
Share on other sites

Share this post


Link to post
Share on other sites

Awesome, you went with my design. Thanks for that.

1 person likes this

_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 04/09/2015

Share this post


Link to post
Share on other sites

I had a bit of a play with the UDF and I don't appear to be getting anything back from "$fScan" and subsequent checks indicate that the file wasn't uploaded.

My Code (well actually just your example modified).

Local $hVirusTotal = VT_Open()
    ConsoleWrite("----------------------------------------------------------------------------------" & @cr)
    ConsoleWrite(":" & VT($hVirusTotal, $fScan, $sFileName,$sVirusTotalAPIkey) & ":" & @CRLF)
    ConsoleWrite("@error = " & @error & @cr)
    ConsoleWrite("----------------------------------------------------------------------------------" & @cr)
    ;ConsoleWrite(VT($hVirusTotal, $fRescan, hex($bHash),$sVirusTotalAPIkey) & @CRLF)
    ;1 = queued for rescanning. -1 = not present. 0 = unexpected error
    ;ConsoleWrite("----------------------------------------------------------------------------------" & @cr)
    ConsoleWrite(VT($hVirusTotal, $fReport, hex($bHash),$sVirusTotalAPIkey) & @CRLF)
    ;
    ConsoleWrite("----------------------------------------------------------------------------------" & @cr)
    VT_Close($hVirusTotal) ;

The result

 

----------------------------------------------------------------------------------
::
@error = 0
----------------------------------------------------------------------------------
{"response_code": 0, "resource": "46B3CC00ECD3D3E042DECA0072B063B3", "verbose_msg": "The requested resource is not among the finished, queued or pending scans"}
----------------------------------------------------------------------------------

 

The file exists...... Any ideas what's going on?

Thanks!

Share this post


Link to post
Share on other sites

storme, 

Probably best to actually post what data the other variables contain instead of second guessing. Thanks.


_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 04/09/2015

Share this post


Link to post
Share on other sites

storme, 

Probably best to actually post what data the other variables contain instead of second guessing. Thanks.

No Guessing necessary.

The code is basically a cut and paste from the example in the OP.

This is the important line
VT($hVirusTotal, $fScan, $sFileName,$sVirusTotalAPIkey)

$hVirusTotal is set in the line above

$fscan is a UDF constant

$sFileName is the full path of the file (useless to anyone else, I stated it exists...and I checked with fileexists() to make sure it was ok)

$sVirusTotalAPIkey is my Virus total API key (Private not to be published)

The API states there should be a return from the file scan ($fScan) but as you see from the results it returns nothing.

Share this post


Link to post
Share on other sites

#14 ·  Posted (edited)

@storme I think the problem is that you'r not waiting the file scan and you trying to get the report.

When you upload some file for scanning you should wait some time to get the report file.

So

if I get this "The requested resource is not among the finished, queued or pending scans"  So I should wait. I'll try some minutes later.

regards

Edited by Danyfirex

Share this post


Link to post
Share on other sites

@storme I think the problem is that you'r not waiting the file scan and you trying to get the report.

 

When you upload some file for scanning you should wait some time to get the report file.

Yep understand that, the script I'm writing will do that when I can get it to submit a file to be scanned.

However, I'm not getting anything back from the submit to indicate it's done anything. According to the API help page there should be a report sent back with various information that I'll then use to keep track of files submitted.

if I get this "The requested resource is not among the finished, queued or pending scans"  

So I should wait. I'll try some minutes later.

The message you quoted above states "or pending scans" so shouldn't my "pending scan" be in the list?

I submitted the file last night and it still isn't in the list.  If it was submitted it should be there by now.

 

It appears as if the file isn't being submitted.

Have you tried your URL on a brand new EXE file that hasn't been submitted before?

BTW everything else works fine, if I use a file/hash that is already scanned.

So back to you...

John

Share this post


Link to post
Share on other sites

#16 ·  Posted (edited)

@storme have you tried with another file?

 

For me work correctly I just upload another file right now this is the response that you should to get

:{"scan_id": "c38c7912767533053ef8f1c647b4fbf9f37f5ee305ead5b3049c4346b5c4419a-1371648640", "sha1": "01fc1499d986a1593f51a40d8f4294b5b69e83d9", "resource": "c38c7912767533053ef8f1c647b4fbf9f37f5ee305ead5b3049c4346b5c4419a", "response_code": 1, "sha256": "c38c7912767533053ef8f1c647b4fbf9f37f5ee305ead5b3049c4346b5c4419a", "permalink": "https://www.virustotal.com/file/c38c7912767533053ef8f1c647b4fbf9f37f5ee305ead5b3049c4346b5c4419a/analysis/1371648640/", "md5": "e0efdfe49b64cf7c2fc191c969d2d29d", "verbose_msg": "Scan request successfully queued, come back later for the report"}:

which is the size of your file?

 

I keep thinking the problem is that you're not waiting enough(some minutes maybe  3 or 5)

 

Also

You can use a Http debugger to see what's wrong.

Edited by Danyfirex

Share this post


Link to post
Share on other sites

The file I was trying to upload/scan was an AutoIt program and my antivirus was intercepting and blocking it.

So the file was not passed to VT thus no report from the "$fScan".

I finally got it to go by disabling the antivirus.

It maybe worth adding some checks to your code to see if the files exists and can be opened.

An antivirus will probably allow you to check it exists but not open it.

Don't have any time to do any major checking now, wish I had found this last night when I did have time.

John

Share this post


Link to post
Share on other sites

The file I was trying to upload/scan was an AutoIt program and my antivirus was intercepting and blocking it.

So the file was not passed to VT thus no report from the "$fScan".

I finally got it to go by disabling the antivirus.

It maybe worth adding some checks to your code to see if the files exists and can be opened.

An antivirus will probably allow you to check it exists but not open it.

Don't have any time to do any major checking now, wish I had found this last night when I did have time.

John

Good.

 

Yes you're right. I'll update soon.

 

regards

Share this post


Link to post
Share on other sites

It's 2am here and I have to sleep but I did a bit of checking and got some strange results.

Test Code - VirusSubmit.exe (331KB) is the program I'm working on and Bitdefender (my antivirus) doesn't like it and is blocking it.

$sFileName = "P:\Autoit\_Projects\_MyProjects\VirusSubmit\VirusSubmit.exe"

; submit to Virustotal
    _Crypt_Startup()
    Local $bHash = _Crypt_HashFile($sFileName, $CALG_MD5)
    _Crypt_Shutdown()

    ;Check if hash exists
        ; Doesn't exist
            ; Submit file

    ;Get report
        ; Not ready yet (come back later)


    ConsoleWrite("FileExists = " & FileExists($sFileName) & @cr)
    ConsoleWrite("$bHash = " & $bHash & @cr)
    local $stest =  __WinHttpFileContent("", "file", $sFileName,"--------Boundary")

    ConsoleWrite("$stest-LEN = " & StringLen($stest) & " @error = " & @error & @cr)
    ConsoleWrite("$stest = " & $stest& @cr)

    Local $hVirusTotal = VT_Open()
    ConsoleWrite("----------------------------------------------------------------------------------" & @cr)
    ConsoleWrite(":" & VT($hVirusTotal, $fScan, $sFileName,$sVirusTotalAPIkey) & ":" & @CRLF)
    ConsoleWrite("@error = " & @error & @cr)
    ConsoleWrite("----------------------------------------------------------------------------------" & @cr)
    ;ConsoleWrite(VT($hVirusTotal, $fRescan, hex($bHash),$sVirusTotalAPIkey) & @CRLF)
    ;1 = queued for rescanning. -1 = not present. 0 = unexpected error
    ;ConsoleWrite("----------------------------------------------------------------------------------" & @cr)
    ConsoleWrite(VT($hVirusTotal, $fReport, hex($bHash),$sVirusTotalAPIkey) & @CRLF)
    ConsoleWrite('@@ Debug(' & @ScriptLineNumber & ') : $bHash = ' & $bHash & @crlf & '>Error code: ' & @error & @crlf) ;### Debug Console
    ;
    ConsoleWrite("----------------------------------------------------------------------------------" & @cr)
    VT_Close($hVirusTotal) ;

The result

 

FileExists = 1
$bHash = -1
$stest-LEN = 117 @error = 0
$stest = Content-Disposition: form-data; name="file"; filename="VirusSubmit.exe"
Content-Type: application/octet-stream



----------------------------------------------------------------------------------
@@ Debug(104) : $stest = :Content-Disposition: form-data; name="file"; filename="VirusSubmit.exe"
Content-Type: application/octet-stream


:
>Error code: 0
@@ Debug(107) : $tURL[$Type] = /vtapi/v2/file/scan
>Error code: 0
:{"scan_id": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855-1371656634", "sha1": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "resource": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", "response_code": 1, "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", "permalink": "https://www.virustotal.com/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/analysis/1371656634/", "md5": "d41d8cd98f00b204e9800998ecf8427e", "verbose_msg": "Scan request successfully queued, come back later for the report"}:
@error = 0
----------------------------------------------------------------------------------
{"response_code": 0, "resource": "FFFFFFFF", "verbose_msg": "Invalid resource, check what you are submitting"}
@@ Debug(95) : $bHash = -1
>Error code: 0
----------------------------------------------------------------------------------

 

Now for the original program I couldn't get to submit and still can't when the antivirus is on.  Code is the same the only change is

$sFileName = "D:\MemoryStickDEV\AHC_technology\programs\AHC_UserInfo.exe"

result

 

FileExists = 1
$bHash = 0x46B3CC00ECD3D3E042DECA0072B063B3
$stest-LEN = 664091 @error = 0
$stest = Content-Disposition: form-data; name="file"; filename="AHC_UserInfo.exe"
Content-Type: application/octet-stream

MZ----------------------------------------------------------------------------------
@@ Debug(104) : $stest = :Content-Disposition: form-data; name="file"; filename="AHC_UserInfo.exe"
Content-Type: application/octet-stream

MZ@@ Debug(107) : $tURL[$Type] = /vtapi/v2/file/scan
>Error code: 0
::
@error = 0
----------------------------------------------------------------------------------
{"scans": {"TotalDefense": {"detected": false, "version": "37.0.10473", "result": null, "update": "20130619"}, "MicroWorld-eScan": {"detected": false, "version": "12.0.250.0", "result": null, "update": "20130619"}, "nProtect": {"detected": false, "version": "2013-06-19.04", "result": null, "update": "20130619"}, "CAT-QuickHeal": {"detected": false, "version": "12.00", "result": null, "update": "20130619"}, "McAfee": {"detected": false, "version": "5.400.0.1158", "result": null, "update": "20130619"}, "Malwarebytes": {"detected": false, "version": "1.75.0.1", "result": null, "update": "20130619"}, "K7AntiVirus": {"detected": false, "version": "9.170.8884", "result": null, "update": "20130618"}, "K7GW": {"detected": false, "version": "12.7.0.12", "result": null, "update": "20130618"}, "TheHacker": {"detected": false, "version": "None", "result": null, "update": "20130619"}, "NANO-Antivirus": {"detected": false, "version": "0.24.0.52848", "result": null, "update": "20130619"}, "F-Prot": {"detected": false, "version": "4.7.1.166", "result": null, "update": "20130618"}, "Symantec": {"detected": false, "version": "20131.1.0.101", "result": null, "update": "20130619"}, "Norman": {"detected": false, "version": "7.01.04", "result": null, "update": "20130619"}, "ByteHero": {"detected": false, "version": "1.0.0.1", "result": null, "update": "20130613"}, "TrendMicro-HouseCall": {"detected": false, "version": "9.700.0.1001", "result": null, "update": "20130619"}, "Avast": {"detected": false, "version": "6.0.1289.0", "result": null, "update": "20130619"}, "eSafe": {"detected": false, "version": "7.0.17.0", "result": null, "update": "20130616"}, "ClamAV": {"detected": false, "version": "0.97.3.0", "result": null, "update": "20130619"}, "Kaspersky": {"detected": false, "version": "9.0.0.837", "result": null, "update": "20130619"}, "BitDefender": {"detected": true, "version": "7.2", "result": "Gen:Trojan.Heur.AutoIT.1", "update": "20130619"}, "Agnitum": {"detected": false, "version": "5.5.1.3", "result": null, "update": "20130618"}, "ViRobot": {"detected": false, "version": "2011.4.7.4223", "result": null, "update": "20130619"}, "Sophos": {"detected": false, "version": "4.90.0", "result": null, "update": "20130619"}, "Comodo": {"detected": false, "version": "16458", "result": null, "update": "20130619"}, "F-Secure": {"detected": true, "version": "11.0.19100.45", "result": "Gen:Trojan.Heur.AutoIT.1", "update": "20130619"}, "DrWeb": {"detected": false, "version": "", "result": null, "update": "20130619"}, "VIPRE": {"detected": false, "version": "18856", "result": null, "update": "20130619"}, "AntiVir": {"detected": false, "version": "7.11.85.142", "result": null, "update": "20130619"}, "TrendMicro": {"detected": false, "version": "9.740.0.1012", "result": null, "update": "20130619"}, "McAfee-GW-Edition": {"detected": false, "version": "2013", "result": null, "update": "20130619"}, "Emsisoft": {"detected": true, "version": "3.0.0.581", "result": "Gen:Trojan.Heur.AutoIT.1 (B)", "update": "20130619"}, "Jiangmin": {"detected": false, "version": "16.0.100", "result": null, "update": "20130619"}, "Antiy-AVL": {"detected": false, "version": "2.0.3.7", "result": null, "update": "20130619"}, "Kingsoft": {"detected": false, "version": "2013.4.9.267", "result": null, "update": "20130506"}, "Microsoft": {"detected": false, "version": "1.9607", "result": null, "update": "20130619"}, "SUPERAntiSpyware": {"detected": true, "version": "5.6.0.1008", "result": "Trojan.Agent/Gen-Autorun", "update": "20130619"}, "GData": {"detected": true, "version": "22", "result": "Gen:Trojan.Heur.AutoIT.1", "update": "20130619"}, "Commtouch": {"detected": false, "version": "5.4.1.7", "result": null, "update": "20130618"}, "AhnLab-V3": {"detected": false, "version": "2013.06.19.06", "result": null, "update": "20130619"}, "VBA32": {"detected": false, "version": "3.12.22.2", "result": null, "update": "20130619"}, "PCTools": {"detected": false, "version": "9.0.0.2", "result": null, "update": "20130521"}, "ESET-NOD32": {"detected": false, "version": "8467", "result": null, "update": "20130619"}, "Rising": {"detected": false, "version": "24.67.02.02", "result": null, "update": "20130619"}, "Ikarus": {"detected": false, "version": "T3.1.4.3.0", "result": null, "update": "20130619"}, "Fortinet": {"detected": false, "version": "5.1.146.0", "result": null, "update": "20130619"}, "AVG": {"detected": false, "version": "10.0.0.1190", "result": null, "update": "20130619"}, "Panda": {"detected": false, "version": "10.0.3.5", "result": null, "update": "20130619"}}, "scan_id": "2f65bd6f6ea409bb4b6ccd85226e46f24c8879b5d08811a2f24d8a2281816be5-1371651653", "sha1": "56f21e22ed9fc49b9de5d3961020a87b5efe3b68", "resource": "46B3CC00ECD3D3E042DECA0072B063B3", "response_code": 1, "scan_date": "2013-06-19 14:20:53", "permalink": "https://www.virustotal.com/file/2f65bd6f6ea409bb4b6ccd85226e46f24c8879b5d08811a2f24d8a2281816be5/analysis/1371651653/", "verbose_msg": "Scan finished, scan information embedded in this object", "total": 47, "positives": 5, "sha256": "2f65bd6f6ea409bb4b6ccd85226e46f24c8879b5d08811a2f24d8a2281816be5", "md5": "46b3cc00ecd3d3e042deca0072b063b3"}
@@ Debug(91) : $bHash = 0x46B3CC00ECD3D3E042DECA0072B063B3
>Error code: 0
----------------------------------------------------------------------------------

Now as you can see there is information in VT now as I disabled the antivirus so it would transmit earlier tonight....

However you can see there was no submit for this file

 

::
@error = 0

 

Not sure how much this is going to help.  If you can think of any tests you want me to try let me know and I'll try them when I get home.

Onward and upward!

John

Share this post


Link to post
Share on other sites

#20 ·  Posted (edited)

The file I was trying to upload/scan was an AutoIt program and my antivirus was intercepting and blocking it.

So the file was not passed to VT thus no report from the "$fScan".

I finally got it to go by disabling the antivirus.

It maybe worth adding some checks to your code to see if the files exists and can be opened.

An antivirus will probably allow you to check it exists but not open it.

Don't have any time to do any major checking now, wish I had found this last night when I did have time.

John

 

On a related note, does your script provide the ability to upload via HTTPS?  The reason I ask is that some UTM firewalls may block the transmission of a virus.  While some UTMs can interrogate SSL, most don't; so it would be good to have this capability if possible.

Great UDF.

-John

Edited by jftuga

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Similar Content

    • nznet
      By nznet
      Hi Guys,
      I have been trying to write the API calls to Coinigy.com in AutoitScipt. I have managed to solve most of them put are having trouble with the ones that require parameters to be passed.
      The source to the API calls can be found here:
      http://docs.coinigy.apiary.io/#reference/market-data/market-data/data-{type:history}
      Example code from this site:
      curl --include \      --request POST \      --header "Content-Type: application/json" \      --header "X-API-KEY: " \      --header "X-API-SECRET: " \      --data-binary "    {         \"exchange_code\": \"GDAX\",         \"exchange_market\": \"BTC/USD\",         \"type\": \"history\"     }" \ ' https://api.coinigy.com/api/v1/data '  
      This data one is really annoying me. I have the following so far:
      #include <Array.au3> #include <string.au3> #include <MsgBoxConstants.au3> #Region Coinigy Const Global $sCoinigyAPIUrl = "https://api.coinigy.com/api/v1/" #EndRegion Coinigy Const #Region keys Global Const $sCoinigyAPIKey = "" ; just removed my APIKey Global Const $sCoinigyAPISecret = "" ; just removed my APISecret #EndRegion keys $sResults = CoinigyQueryPrivate("data", "exchange_code=GDAX&exchange_market=BTC/USD&type=history") ; Trade history, asks and bids for any supported exchange/market ConsoleWrite("Market Data: " & $sResults & @CRLF & @CRLF) Func CoinigyQueryPrivate($sMethod, $sParameters)     Local $oHTTP = ObjCreate("winhttp.winhttprequest.5.1")     $oHTTP.Open("POST", $sCoinigyAPIUrl & $sMethod, False)     $oHTTP.SetRequestHeader("X-API-KEY", $sCoinigyAPIKey)     $oHTTP.SetRequestHeader("X-API-SECRET", $sCoinigyAPISecret)    ; $oHTTP.Send(Binary($sParameters)) ; tried this as well     $oHTTP.Send($sParameters)     Local $sReceived = $oHTTP.ResponseText     Return $sReceived EndFunc   ;==>CoinigyQueryPrivate  
      If I do other queries that don't require Parameters they work perfectly. I am just totally stumped by the parameter passing queries. I have tried everything and I still can't get it to go. Would really appreciate some help.
      If you want to try for yourself live, Coinigy.com give a free 30 trial.... 
      Please help...
      Thanks in advance.
    • falcontechnics
      By falcontechnics
      Dear master, hello,
      I got the speech API from Google. But I could not find how to use. Could you help me with a simple example?
      "https://speech.googleapis.com/v1/speech:recognize?key=MyKey"
    • imitto
      By imitto
      Hello all!
      I use Autoit for a while, already made some automation for a TV station's master control room with it. I made a UDF to easily work with PAL timecode and time with milliseconds, convert, add or subtract them. Feel free to use it if you want something like this
      #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_Res_Description=PAL Timecode Calculator UDF #AutoIt3Wrapper_Res_LegalCopyright=horvath.imre@gmail.com #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** ; ; #FUNCTION# ; Name...........: _tcAdd ; Description....: Returns addition of two timecodes ; Syntax.........: _tcAdd($fTc1, fTc2 [, $fFormat = "P"]) ; ; Parameters.....: $fTc1 - First timecode in hh:mm:ss.ff format ; $fTc2 - Second timecode in hh:mm:ss.ff format ; $fFormat - Time base - "P" (default): PAL (25 fps) ; "M" : millisecond ; ; Return value...: Sum of the two timecode in the selected format Func _tcAdd($fTc1, $fTc2, $fFormat = "P", $fHourFormat = 1) Local $fMs1 = _tcToMs($fTc1) Local $fMs2 = _tcToMs($fTc2) Local $fSumMs = $fMs1 + $fMs2 Return _msToTc($fSumMs, $fFormat, $fHourFormat) EndFunc ; #FUNCTION# ; Name...........: _tcsSub ; Description....: Returns addition of two timecodes ; Syntax.........: _tcSub($fTc1, fTc2 [, $fFormat = "P"]) ; ; Parameters.....: $fTc1 - First timecode in hh:mm:ss.ff format ; $fTc2 - Second timecode in hh:mm:ss.ff format ; $fFormat - Time base - "P" (default): PAL (25 fps) ; "M" : millisecond ; ; Return value...: Subtract $fTc2 from $fTc1 in the source format Func _tcSub($fTc1, $fTc2, $fFormat = "P") Local $fMs1 = _tcToMs($fTc1) Local $fMs2 = _tcToMs($fTc2) Local $fSumMs = $fMs1 - $fMs2 If $fSumMs < 0 Then $fSumMs = _tcToMs("24:00:00.00") - ($fSumMs * -1) EndIf Return _msToTc($fSumMs, $fFormat) EndFunc ; #FUNCTION# ; Name...........: _tcToMs ; Description....: Returns timecode converted to total milliseconds ; Syntax.........: _tcToMs($fTc) ; ; Parameters.....: $fTc - Timecode in hh:mm:ss.ff or hh:mm:ss:xxx format, where xxx are milliseconds ; ; Return value...: Milliseconds as an integer value Func _tcToMs($fTc) Local $fTemp = StringSplit($fTc, ":.") Local $fChr = StringLen($fTemp[4]) Switch $fChr Case 2 Return ($fTemp[4] * 40) + ($fTemp[3] * 1000) + ($fTemp[2] * 60000) + ($fTemp[1] * 3600000) Case 3 Return ($fTemp[4]) + ($fTemp[3] * 1000) + ($fTemp[2] * 60000) + ($fTemp[1] * 3600000) EndSwitch EndFunc ; #FUNCTION# ; Name...........: _msToTc ; Description....: Converts total milliseconds to timecode ; Syntax.........: _msToTc($fIn, $fFormat = "P", $fHourFormat = 1) ; ; Parameters.....: $fIn - Time in milliseconds ; $fFormat - Output format "P": PAL TC (default) ; "M": hh:mm:ss.xxx where xxx are milliseconds ; $fHourFormat - Hour format "1": max. value is 23, then starts from 0 (default) ; "0": hours can be more then 23 ; ; Return value...: Timecode as string in the selected format Func _msToTc($fIn, $fFormat = "P", $fHourFormat = 1) Switch $fFormat Case "P" Local $fFr = StringFormat("%02i", (StringRight($fIn, 3) - Mod(StringRight($fIn, 3), 40)) / 40) Case "M" Local $fFr = StringFormat("%03i", StringRight($fIn, 3)) EndSwitch $fIn = StringTrimRight($fIn, 3) Local $fSec = StringFormat("%02i", Mod($fIn, 60)) $fIn -= $fSec Local $fMinTot = $fIn / 60 Local $fMin = StringFormat("%02i", Mod($fMinTot, 60)) $fIn -= $fMin*60 Local $fHourTot = $fIn / 60 / 60 Switch $fHourFormat Case 1 $fHour = StringFormat("%02i", Mod($fHourTot, 24)) Case 0 $fHour = StringFormat("%02i", $fHourTot) EndSwitch Return($fHour & ":" & $fMin & ":" & $fSec & "." & $fFr) EndFunc ; #FUNCTION# ; Name...........: _tcFormatChange ; Description....: Toggle TC format ; Syntax.........: _tcFormatChange($fTc) ; ; Parameters.....: $fTc - Timecode in hh:mm:ss.ff or hh:mm:ss:xxx format, where xxx are milliseconds ; ; Return value...: PAL timecode or time with milliseconds as string, depends on input Func _tcFormatChange($fTc) Local $fTemp = StringSplit($fTc, ":.") Local $fChr = StringLen($fTemp[4]) Switch $fChr Case 2 Return $fTemp[1]&":"&$fTemp[2]&":"&$fTemp[3]&"."&StringFormat("%03i", $fTemp[4]*40) Case 3 Return $fTemp[1]&":"&$fTemp[2]&":"&$fTemp[3]&"."&StringFormat("%02i", ($fTemp[4]-Mod($fTemp[4], 40))/40) EndSwitch EndFunc And the example script:
      #include<_PAL_TC_Calc.au3> $palTC1 = "00:01:12.20" $palTC2 = "23:59:50.02" $msTC1 = "00:01:12.800" $msTC2 = "23:59:50.120" MsgBox(0, "1", _tcAdd($palTC1, $palTC2)); Adds $palTC1 to $palTC2, turns hour back to 0 after 23, returns PAL TC format MsgBox(0, "2", _tcAdd($palTC1, $palTC2, "M")); Adds $palTC1 to $palTC2, turns hour back to 0 after 23, returns time with milliseconds format MsgBox(0, "3", _tcAdd($palTC1, $palTC2, "M", 0)); Adds $palTC1 to $palTC2, hours can be infinite, returns time with milliseconds format MsgBox(0, "4", _tcAdd($msTC1, $msTC2)); Adds $palTC1 to $palTC2, turns hour back to 0 after 23, returns PAL TC format MsgBox(0, "5", _tcAdd($msTC1, $msTC2, "M")); Adds $palTC1 to $palTC2, turns hour back to 0 after 23, returns time with milliseconds format MsgBox(0, "6", _tcAdd($msTC1, $msTC2, "M", 0)); Adds $palTC1 to $palTC2, hours can be infinite, returns time with milliseconds format MsgBox(0, "7", _tcSub($palTC2, $palTC1)); Subtract $palTC1 from $palTC2, returns PAL TC format MsgBox(0, "8", _tcSub($palTC2, $palTC1, "M")); Subtract $palTC1 from $palTC2, time with milliseconds format MsgBox(0, "9", _tcSub($msTC1, $msTC2)); Subtract $palTC1 from $palTC2, returns PAL TC format - when hits zero, counts back from 24:00:00.00 MsgBox(0, "10", _tcSub($msTC1, $msTC2, "M")); Subtract $palTC1 from $palTC2, time with milliseconds format - when hits zero, counts back from 24:00:00.000 MsgBox(0, "11", _tcFormatChange($palTC2)); Convert PAL TC to time with milliseconds and back MsgBox(0, "12", _tcFormatChange($msTC2)); Convert PAL TC to time with milliseconds and back  
      TC_CALC_example.au3
      _PAL_TC_Calc.au3
    • TRAGENALPHA
      By TRAGENALPHA
      A small UDF to Modify the Console Interface.
      #include-once ;#AutoIt3Wrapper_Au3Check_Parameters=-q -d -w 1 -w 2 -w 3 -w- 4 -w 5 -w 6 -w- 7 ; =============================================================================================================================== ; Name...........: Console Modify ; Description ...: A small UDF to manipulate the Console Interface for scripts that are compiled as a console application. ; Syntax.........: _ConsoleClear() -- Clears the Console ; _ConsoleTitle("VALUE") - Sets the console title. ; _ConsoleWindow([WIDTH BUFFER SIZE], [HEIGHT BUFFER SIZE]) - Sets the Width and Height Buffer size of the console. ; Parameters ....: $bh6e5v_ctval = Title of the Console Window. ; $bh6e5v_cwwidth = Window width buffer size. ; $bh6e5v_cwheight = Window height buffer size. ; Return values .: True = Console window buffer size has been changed ; False = Failed to change console window buffer size. ; Author ........: TRAGENALPHA <3 ; Example .......: _ConsoleTitle("This is the new title") // _ConsoleWindow(200, 60) ; =============================================================================================================================== ; -- This is here because writing RunDos and including a whole UDF is too much. But this is basically just _RunDos() ;Func cmd($bh6e5v_ldvar) ; RunWait(@ComSpec & " /c " & $bh6e5v_ldval) ;EndFunc Func _ConsoleClear() RunWait(@ComSpec & " /c cls") EndFunc Func _ConsoleTitle($bh6e5v_ctval) RunWait(@ComSpec & " /c title " & $bh6e5v_ctval) EndFunc Func _ConsoleWindow($bh6e5v_cwwidth, $bh6e5v_cwheight) If IsNumber($bh6e5v_cwwidth) And IsNumber($bh6e5v_cwheight) And ($bh6e5v_cwwidth > 0) And ($bh6e5v_cwheight > 0) Then RunWait(@ComSpec & " /c mode con: cols=" & $bh6e5v_cwwidth & " lines=" & $bh6e5v_cwheight) Return True Else Return False EndIf EndFunc  
      ConsoleModify.au3
    • FrancescoDiMuro
      By FrancescoDiMuro
      Good morning everyone
      I'm working on a little project, and, I encountered a little strange error when I try to add some data to an array...
      The code I wrote is this:
      Func _WMI_Get_Win32_TemperatureProbe($blnCanUseWMI, $blnCustomArrayDisplay = False, $blnReturnEU = False) If $blnCanUseWMI Then Local $objWMI_QueryResult = $objWMI.ExecQuery("SELECT * FROM Win32_TemperatureProbe", "WQL", 32) If @error Then __ConsoleWrite("Error executing the query on Win32_TemperatureProbe class.", @error, 9999) Else Local $arrWin32_TemperatureProbe[1][3] _ArrayDelete($arrWin32_TemperatureProbe, 0) If @error Then __ConsoleWrite("Error deleting the 0st element $arrWin32_TemperatureProbe array.", @error, 9999) Else Local $objWMI_Variable = Null, $strWMI_QueryResult = "", $i = 0 For $objWMI_Variable In $objWMI_QueryResult $strWMI_QueryResult &= "QUERY RESULT" & "|# " & $i & "|/" & @CRLF & _ "Accuracy" & "|" & $objWMI_Variable.Accuracy & "|" & "[sint32]" & @CRLF & _ "Availability" & "|" & $objWMI_Variable.Availability & "|" & "[uint16]" & @CRLF & _ "Caption" & "|" & $objWMI_Variable.Caption & "|" & "[string]" & @CRLF & _ "ConfigManagerErrorCode" & "|" & $objWMI_Variable.ConfigManagerErrorCode & "|" & "[uint32]" & @CRLF & _ "ConfigManagerUserConfig" & "|" & $objWMI_Variable.ConfigManagerUserConfig & "|" & "[boolean]" & @CRLF & _ "CreationClassName" & "|" & $objWMI_Variable.CreationClassName & "|" & "[string]" & @CRLF & _ "CurrentReading" & "|" & $objWMI_Variable.CurrentReading & "|" & "[sint32]" & @CRLF & _ "Description" & "|" & $objWMI_Variable.Description & "|" & "[string]" & @CRLF & _ "DeviceID" & "|" & $objWMI_Variable.DeviceID & "|" & "[string]" & @CRLF & _ "ErrorCleared" & "|" & $objWMI_Variable.ErrorCleared & "|" & "[boolean]" & @CRLF & _ "ErrorDescription" & "|" & $objWMI_Variable.ErrorDescription & "|" & "[string]" & @CRLF & _ "InstallDate" & "|" & $objWMI_Variable.InstallDate & "|" & "[datetime]" & @CRLF & _ "IsLinear" & "|" & $objWMI_Variable.IsLinear & "|" & "[boolean]" & @CRLF & _ "LastErrorCode" & "|" & $objWMI_Variable.LastErrorCode & "|" & "[uint32]" & @CRLF & _ "LowerThresholdCritical" & "|" & $objWMI_Variable.LowerThresholdCritical & "|" & "[sint32]" & @CRLF & _ "LowerThresholdFatal" & "|" & $objWMI_Variable.LowerThresholdFatal & "|" & "[sint32]" & @CRLF & _ "LowerThresholdNonCritical" & "|" & $objWMI_Variable.LowerThresholdNonCritical & "|" & "[sint32]" & @CRLF & _ "MaxReadable" & "|" & $objWMI_Variable.MaxReadable & "|" & "[sint32]" & @CRLF & _ "MinReadable" & "|" & $objWMI_Variable.MinReadable & "|" & "[sint32]" & @CRLF & _ "Name" & "|" & $objWMI_Variable.Name & "|" & "[string]" & @CRLF & _ "NominalReading" & "|" & $objWMI_Variable.NominalReading & "|" & "[sint32]" & @CRLF & _ "NormalMax" & "|" & $objWMI_Variable.NormalMax & "|" & "[sint32]" & @CRLF & _ "NormalMin" & "|" & $objWMI_Variable.NormalMin & "|" & "[sint32]" & @CRLF & _ "PNPDeviceID" & "|" & $objWMI_Variable.PNPDeviceID & "|" & "[string]" & @CRLF & _ "PowerManagementCapabilities" & "|" & $objWMI_Variable.PowerManagementCapabilities & "|" & "[uint16]" & @CRLF & _ "PowerManagementSupported" & "|" & $objWMI_Variable.PowerManagementSupported & "|" & "[boolean]" & @CRLF & _ "Resolution" & "|" & $objWMI_Variable.Resolution & "|" & "[uint32]" & @CRLF & _ "Status" & "|" & $objWMI_Variable.Status & "|" & "[string]" & @CRLF & _ "StatusInfo" & "|" & $objWMI_Variable.StatusInfo & "|" & "[uint16]" & @CRLF & _ "SystemCreationClassName" & "|" & $objWMI_Variable.SystemCreationClassName & "|" & "[string]" & @CRLF & _ "SystemName" & "|" & $objWMI_Variable.SystemName & "|" & "[string]" & @CRLF & _ "Tolerance" & "|" & $objWMI_Variable.Tolerance & "|" & "[sint32]" & @CRLF & _ "UpperThresholdCritical" & "|" & $objWMI_Variable.UpperThresholdCritical & "|" & "[sint32]" & @CRLF & _ "UpperThresholdFatal" & "|" & $objWMI_Variable.UpperThresholdFatal & "|" & "[sint32]" & @CRLF & _ "UpperThresholdNonCritical" & "|" & $objWMI_Variable.UpperThresholdNonCritical & "|" & "[sint32]" $i+=1 Next ConsoleWrite($strWMI_QueryResult & @CRLF) _ArrayAdd($arrWin32_TemperatureProbe, $strWMI_QueryResult) ; I'll wait for an answer... See you later :) If @error Then __ConsoleWrite("Error inserting item #" & $i & " in the $arrWin32_TemperatureProbe array.", @error, 9999) Else If $blnCustomArrayDisplay Then _ArrayDisplay($arrWin32_TemperatureProbe, "Win32_TemperatureProbe:", "", 64 + 32 + 4, "|", "VARIABLE NAME|ACTUAL VALUE|ENGINEERING UNIT", 350, 0xD3D3D3) If @error Then __ConsoleWrite("Error displaying the $arrWin32_TemperatureProbe array.", @error, 9999) EndIf EndIf If $blnReturnEU = False Then _ArrayColDelete($arrWin32_TemperatureProbe, 2) If @error Then __ConsoleWrite("Error deleting the column #2 of $arrWin32_TemperatureProbe array.") EndIf EndIf If IsArray($arrWin32_TemperatureProbe) Then Return $arrWin32_TemperatureProbe Else Return False EndIf EndIf EndIf EndIf EndIf EndFunc And I get this error ( undocumented in the Help File on _ArrayAdd() function ):
      [15/09/2017 10:24:46] : Error inserting item #4 in the $arrWin32_TemperatureProbe array. > Error: 0 Adding a ConsoleWrite() before the _ArrayAdd() function, I can see the content of $strWMI_QueryResult, and, here it is:
      QUERY RESULT|# 0|/
      Accuracy|32768|[sint32]
      Availability||[uint16]
      Caption|Sensore numerico|[string]
      ConfigManagerErrorCode||[uint32]
      ConfigManagerUserConfig||[boolean]
      CreationClassName|Win32_TemperatureProbe|[string]
      CurrentReading||[sint32]
      Description|CPU Thermal Probe|[string]
      DeviceID|root\cimv2 0|[string]
      ErrorCleared||[boolean]
      ErrorDescription||[string]
      InstallDate||[datetime]
      IsLinear||[boolean]
      LastErrorCode||[uint32]
      LowerThresholdCritical||[sint32]
      LowerThresholdFatal||[sint32]
      LowerThresholdNonCritical||[sint32]
      MaxReadable|1270|[sint32]
      MinReadable|64266|[sint32]
      Name|Sensore numerico|[string]
      NominalReading||[sint32]
      NormalMax||[sint32]
      NormalMin||[sint32]
      PNPDeviceID||[string]
      PowerManagementCapabilities||[uint16]
      PowerManagementSupported||[boolean]
      Resolution|1000|[uint32]
      Status|Unknown|[string]
      StatusInfo||[uint16]
      SystemCreationClassName|Win32_ComputerSystem|[string]
      SystemName|DESKTOP-25LFPVU|[string]
      Tolerance|32768|[sint32]
      UpperThresholdCritical||[sint32]
      UpperThresholdFatal||[sint32]
      UpperThresholdNonCritical||[sint32]QUERY RESULT|# 1|/
      Accuracy|32768|[sint32]
      Availability||[uint16]
      Caption|Sensore numerico|[string]
      ConfigManagerErrorCode||[uint32]
      ConfigManagerUserConfig||[boolean]
      CreationClassName|Win32_TemperatureProbe|[string]
      CurrentReading||[sint32]
      Description|True Ambient Thermal Probe|[string]
      DeviceID|root\cimv2 1|[string]
      ErrorCleared||[boolean]
      ErrorDescription||[string]
      InstallDate||[datetime]
      IsLinear||[boolean]
      LastErrorCode||[uint32]
      LowerThresholdCritical||[sint32]
      LowerThresholdFatal||[sint32]
      LowerThresholdNonCritical||[sint32]
      MaxReadable|1270|[sint32]
      MinReadable|64266|[sint32]
      Name|Sensore numerico|[string]
      NominalReading||[sint32]
      NormalMax||[sint32]
      NormalMin||[sint32]
      PNPDeviceID||[string]
      PowerManagementCapabilities||[uint16]
      PowerManagementSupported||[boolean]
      Resolution|1000|[uint32]
      Status|Unknown|[string]
      StatusInfo||[uint16]
      SystemCreationClassName|Win32_ComputerSystem|[string]
      SystemName|DESKTOP-25LFPVU|[string]
      Tolerance|32768|[sint32]
      UpperThresholdCritical||[sint32]
      UpperThresholdFatal||[sint32]
      UpperThresholdNonCritical||[sint32]QUERY RESULT|# 2|/
      Accuracy|32768|[sint32]
      Availability||[uint16]
      Caption|Sensore numerico|[string]
      ConfigManagerErrorCode||[uint32]
      ConfigManagerUserConfig||[boolean]
      CreationClassName|Win32_TemperatureProbe|[string]
      CurrentReading||[sint32]
      Description|Memory Module Thermal Probe|[string]
      DeviceID|root\cimv2 2|[string]
      ErrorCleared||[boolean]
      ErrorDescription||[string]
      InstallDate||[datetime]
      IsLinear||[boolean]
      LastErrorCode||[uint32]
      LowerThresholdCritical||[sint32]
      LowerThresholdFatal||[sint32]
      LowerThresholdNonCritical||[sint32]
      MaxReadable|1270|[sint32]
      MinReadable|64266|[sint32]
      Name|Sensore numerico|[string]
      NominalReading||[sint32]
      NormalMax||[sint32]
      NormalMin||[sint32]
      PNPDeviceID||[string]
      PowerManagementCapabilities||[uint16]
      PowerManagementSupported||[boolean]
      Resolution|1000|[uint32]
      Status|Unknown|[string]
      StatusInfo||[uint16]
      SystemCreationClassName|Win32_ComputerSystem|[string]
      SystemName|DESKTOP-25LFPVU|[string]
      Tolerance|32768|[sint32]
      UpperThresholdCritical||[sint32]
      UpperThresholdFatal||[sint32]
      UpperThresholdNonCritical||[sint32]QUERY RESULT|# 3|/
      Accuracy|32768|[sint32]
      Availability||[uint16]
      Caption|Sensore numerico|[string]
      ConfigManagerErrorCode||[uint32]
      ConfigManagerUserConfig||[boolean]
      CreationClassName|Win32_TemperatureProbe|[string]
      CurrentReading||[sint32]
      Description|Video Card Thermal Probe|[string]
      DeviceID|root\cimv2 3|[string]
      ErrorCleared||[boolean]
      ErrorDescription||[string]
      InstallDate||[datetime]
      IsLinear||[boolean]
      LastErrorCode||[uint32]
      LowerThresholdCritical||[sint32]
      LowerThresholdFatal||[sint32]
      LowerThresholdNonCritical||[sint32]
      MaxReadable|1270|[sint32]
      MinReadable|64266|[sint32]
      Name|Sensore numerico|[string]
      NominalReading||[sint32]
      NormalMax||[sint32]
      NormalMin||[sint32]
      PNPDeviceID||[string]
      PowerManagementCapabilities||[uint16]
      PowerManagementSupported||[boolean]
      Resolution|1000|[uint32]
      Status|Unknown|[string]
      StatusInfo||[uint16]
      SystemCreationClassName|Win32_ComputerSystem|[string]
      SystemName|DESKTOP-25LFPVU|[string]
      Tolerance|32768|[sint32]
      UpperThresholdCritical||[sint32]
      UpperThresholdFatal||[sint32]
      UpperThresholdNonCritical||[sint32]
       
      Could please anyone help me out? 
      Thanks in advance
      Francesco