dcoggie Posted October 26, 2016 Posted October 26, 2016 I have a script that detects what antivirus is on a computer. It works fine except --- I only want the second part to print out only if the first part is empty. Now it prints the info out twice. expandcollapse popupLocal $aResult0, $aResult1 $oWMI = ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!\\localhost\root\SecurityCenter2") $colItems = $oWMI.ExecQuery("Select * from AntiVirusProduct") For $objAntiVirusProduct In $colItems $aResult0 = $objAntiVirusProduct.DisplayName $aResult1 = $objAntiVirusProduct.ProductState If @error Then msgbox(0, "", "Warning! *No AntiVirus Installed*" & @CRLF) ElseIf $aResult1 = "266240" Then msgbox(0, "", $aResult0 & " " & "(Enabled - Up to Date)" & @CRLF) ; this is from avast enabled ElseIf $aResult1 = "262144" Then msgbox(0, "", $aResult0 & " " & "(Disabled - Up to Date)" & @CRLF) ; this is from avast disabled ElseIf $aResult1 = "397312" Then msgbox(0, "", $aResult0 & " " & "(Enabled - Up to Date)" & @CRLF) ; this is from MSE enabled ElseIf $aResult1 = "393216" Then msgbox(0, "", $aResult0 & " " & "(Disabled - Up to Date)" & @CRLF) ; this is from MSE disabled ElseIf $aResult1 = "397568" Then msgbox(0, "", $aResult0 & " " & "(Enabled - Up to Date)" & @CRLF) ; this is from Windows Defender enabled ElseIf $aResult1 = "393472" Then msgbox(0, "", $aResult0 & " " & "(Disabled - Up to Date)" & @CRLF) ; this is from Windows Defender disabled EndIf Next $colItems = $oWMI.ExecQuery("Select * from AntispywareProduct") For $objAntiSpywareProduct In $colItems $aResult0 = $objAntiSpywareProduct.DisplayName $aResult1 = $objAntispywareProduct.ProductState If @error Then msgbox(0, "", "Warning! *No AntiVirus Installed*" & @CRLF) ElseIf $aResult1 = "266240" Then msgbox(0, "", $aResult0 & " " & "(*Enabled - Up to Date)" & @CRLF) ; this is from avast enabled ElseIf $aResult1 = "262144" Then msgbox(0, "", $aResult0 & " " & "(*Disabled - Up to Date)" & @CRLF) ; this is from avast disabled ElseIf $aResult1 = "397312" Then msgbox(0, "", $aResult0 & " " & "(*Enabled - Up to Date)" & @CRLF) ; this is from MSE enabled ElseIf $aResult1 = "393216" Then msgbox(0, "", $aResult0 & " " & "(*Disabled - Up to Date)" & @CRLF) ; this is from MSE disabled ElseIf $aResult1 = "397568" Then msgbox(0, "", $aResult0 & " " & "(*Enabled - Up to Date)" & @CRLF) ; this is from Windows Defender enabled ElseIf $aResult1 = "393472" Then msgbox(0, "", $aResult0 & " " & "(*Disabled - Up to Date)" & @CRLF) ; this is from Windows Defender disabled EndIf Next
Bert Posted October 26, 2016 Posted October 26, 2016 because the code repeats itself. The Vollatran project My blog: http://www.vollysinterestingshit.com/
BrewManNH Posted October 26, 2016 Posted October 26, 2016 (edited) Here's one way to make sure that if the first check works that the second one won't run. expandcollapse popupLocal $aResult0, $aResult1 $oWMI = ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!\\localhost\root\SecurityCenter2") $colItems = $oWMI.ExecQuery("Select * from AntiVirusProduct") For $objAntiVirusProduct In $colItems $aResult0 = $objAntiVirusProduct.DisplayName $aResult1 = $objAntiVirusProduct.ProductState If @error Then msgbox(0, "", "Warning! *No AntiVirus Installed*" & @CRLF) ElseIf $aResult1 = "266240" Then msgbox(0, "", $aResult0 & " " & "(Enabled - Up to Date)" & @CRLF) ; this is from avast enabled ElseIf $aResult1 = "262144" Then msgbox(0, "", $aResult0 & " " & "(Disabled - Up to Date)" & @CRLF) ; this is from avast disabled ElseIf $aResult1 = "397312" Then msgbox(0, "", $aResult0 & " " & "(Enabled - Up to Date)" & @CRLF) ; this is from MSE enabled ElseIf $aResult1 = "393216" Then msgbox(0, "", $aResult0 & " " & "(Disabled - Up to Date)" & @CRLF) ; this is from MSE disabled ElseIf $aResult1 = "397568" Then msgbox(0, "", $aResult0 & " " & "(Enabled - Up to Date)" & @CRLF) ; this is from Windows Defender enabled ElseIf $aResult1 = "393472" Then msgbox(0, "", $aResult0 & " " & "(Disabled - Up to Date)" & @CRLF) ; this is from Windows Defender disabled EndIf Next If $aResult0 Then Exit ; <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< $colItems = $oWMI.ExecQuery("Select * from AntispywareProduct") For $objAntiSpywareProduct In $colItems $aResult0 = $objAntiSpywareProduct.DisplayName $aResult1 = $objAntispywareProduct.ProductState If @error Then msgbox(0, "", "Warning! *No AntiVirus Installed*" & @CRLF) ElseIf $aResult1 = "266240" Then msgbox(0, "", $aResult0 & " " & "(*Enabled - Up to Date)" & @CRLF) ; this is from avast enabled ElseIf $aResult1 = "262144" Then msgbox(0, "", $aResult0 & " " & "(*Disabled - Up to Date)" & @CRLF) ; this is from avast disabled ElseIf $aResult1 = "397312" Then msgbox(0, "", $aResult0 & " " & "(*Enabled - Up to Date)" & @CRLF) ; this is from MSE enabled ElseIf $aResult1 = "393216" Then msgbox(0, "", $aResult0 & " " & "(*Disabled - Up to Date)" & @CRLF) ; this is from MSE disabled ElseIf $aResult1 = "397568" Then msgbox(0, "", $aResult0 & " " & "(*Enabled - Up to Date)" & @CRLF) ; this is from Windows Defender enabled ElseIf $aResult1 = "393472" Then msgbox(0, "", $aResult0 & " " & "(*Disabled - Up to Date)" & @CRLF) ; this is from Windows Defender disabled EndIf Next Edited October 26, 2016 by BrewManNH If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag GudeHow to ask questions the smart way! I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from. Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays. - ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script. - Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label. - _FileGetProperty - Retrieve the properties of a file - SciTE Toolbar - A toolbar demo for use with the SciTE editor - GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI. - Latin Square password generator
BrewManNH Posted October 26, 2016 Posted October 26, 2016 BTW, here's another way of rewriting your script to make it MUCH shorter and more accurate. expandcollapse popupLocal $aResult0, $aResult1, $ProductIsInOrOutOfDate, $ProductDisabledOrNot $oWMI = ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!\\localhost\root\SecurityCenter2") $colItems = $oWMI.ExecQuery("Select * from AntiVirusProduct") For $objAntiVirusProduct In $colItems $aResult0 = $objAntiVirusProduct.DisplayName $aResult1 = $objAntiVirusProduct.ProductState $ProductIsInOrOutOfDate = StringMid(Hex($aResult1), 7, 2) $ProductDisabledOrNot = StringMid(Hex($aResult1), 5, 2) If @error Then MsgBox(0, "", "Warning! *No AntiVirus Installed*" & @CRLF) Else Switch $ProductDisabledOrNot Case "10", "11" MsgBox(0, "", $aResult0 & " " & "(Enabled & " & (($ProductIsInOrOutOfDate = "10") ? "Not " : "") & "up-to-date)") Case "00", "01" MsgBox(0, "", $aResult0 & " " & "(Disabled & " & (($ProductIsInOrOutOfDate = "10") ? "Not " : "") & "up-to-date)") Case Else MsgBox(0, "", $aResult0 & "'s product state is indeterminate") EndSwitch EndIf Next If $aResult0 Then Exit $colItems = $oWMI.ExecQuery("Select * from AntispywareProduct") For $objAntiSpywareProduct In $colItems $aResult0 = $objAntiSpywareProduct.DisplayName $aResult1 = $objAntispywareProduct.ProductState $ProductIsInOrOutOfDate = StringMid(Hex($aResult1), 7, 2) $ProductDisabledOrNot = StringMid(Hex($aResult1), 5, 2) If @error Then MsgBox(0, "", "Warning! *No AntiVirus Installed*" & @CRLF) Else Switch $ProductDisabledOrNot Case "10", "11" MsgBox(0, "", $aResult0 & " " & "(Enabled & " & (($ProductIsInOrOutOfDate = "10") ? "Not " : "") & "up-to-date)") Case "00", "01" MsgBox(0, "", $aResult0 & " " & "(Disabled & " & (($ProductIsInOrOutOfDate = "10") ? "Not " : "") & "up-to-date)") Case Else MsgBox(0, "", $aResult0 & "'s product state is indeterminate") EndSwitch EndIf Next The original script didn't detect my AV software's ProductState, because it returned a different number than you were looking for. This one doesn't care which AV or AS is installed, it's just looking at the correct bits in the returned numbers to determine if it's enabled/disabled, and up to date/out of date. If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag GudeHow to ask questions the smart way! I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from. Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays. - ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script. - Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label. - _FileGetProperty - Retrieve the properties of a file - SciTE Toolbar - A toolbar demo for use with the SciTE editor - GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI. - Latin Square password generator
dcoggie Posted October 26, 2016 Author Posted October 26, 2016 (edited) Thank you BrewManNH. You have no idea what a life saver you are. I've been struggling with this for months. I only included a small sample of ProductState values in my post. In my program the list is much more extensive. Each time I have tried to use hex values it didn't pick up Windows Defender in Win 10. And when I selected antivirus on win 7 or XP. it didn't pick up Windows Defender. That's why I added antiSpyware. Once again thank you for your help. P.S. So far I have found that antiSpyware picks up all antivirus programs. Edited October 26, 2016 by dcoggie
BrewManNH Posted October 26, 2016 Posted October 26, 2016 The script I posted works on Windows 10 and detects Windows Defender and the product state correctly. If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag GudeHow to ask questions the smart way! I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from. Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays. - ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script. - Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label. - _FileGetProperty - Retrieve the properties of a file - SciTE Toolbar - A toolbar demo for use with the SciTE editor - GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI. - Latin Square password generator
dcoggie Posted October 26, 2016 Author Posted October 26, 2016 26 minutes ago, BrewManNH said: The script I posted works on Windows 10 and detects Windows Defender and the product state correctly. Yes but on Win 7 it doesn't pick up Windows Defender unless it's set to "antiSpyware" and the product code is different. It's a pain in the %$^^ but I'm determined to get it right.
dcoggie Posted October 26, 2016 Author Posted October 26, 2016 (edited) I have a problem. When I added the script to my program the printout stops now at the end of the script. I think I have to change this line to get the program to keep going. Am I correct? If $aResult0 Then Exit Will this work and is it the best solution? If $aResult0 Then #comments-start $colItems = $oWMI.ExecQuery("Select * from AntispywareProduct") For $objAntiSpywareProduct In $colItems $aResult0 = $objAntiSpywareProduct.DisplayName $aResult1 = $objAntispywareProduct.ProductState $ProductIsInOrOutOfDate = StringMid(Hex($aResult1), 7, 2) $ProductDisabledOrNot = StringMid(Hex($aResult1), 5, 2) If @error Then FileWrite($hLogFile, "Warning! *No AntiVirus Installed*" & @CRLF) Else Switch $ProductDisabledOrNot Case "10", "11" FileWrite($hLogFile, $aResult0 & " " & "(Enabled - " & (($ProductIsInOrOutOfDate = "10") ? "Not " : "") & "Up to Date)" & @CRLF) Case "00", "01" FileWrite($hLogFile, $aResult0 & " " & "(Disabled - " & (($ProductIsInOrOutOfDate = "10") ? "Not " : "") & "Up to Date)" & @CRLF) Case Else FileWrite($hLogFile, $aResult0 & "'s ProductState is indeterminate" & @CRLF) EndSwitch EndIf Next #comments-end Edited October 26, 2016 by dcoggie
BrewManNH Posted October 26, 2016 Posted October 26, 2016 8 hours ago, dcoggie said: Yes but on Win 7 it doesn't pick up Windows Defender unless it's set to "antiSpyware" and the product code is different. What product code does it return on Win7, for the AV and the AS? If I posted any code, assume that code was written using the latest release version unless stated otherwise. Also, if it doesn't work on XP I can't help with that because I don't have access to XP, and I'm not going to.Give a programmer the correct code and he can do his work for a day. Teach a programmer to debug and he can do his work for a lifetime - by Chirag GudeHow to ask questions the smart way! I hereby grant any person the right to use any code I post, that I am the original author of, on the autoitscript.com forums, unless I've specifically stated otherwise in the code or the thread post. If you do use my code all I ask, as a courtesy, is to make note of where you got it from. Back up and restore Windows user files _Array.au3 - Modified array functions that include support for 2D arrays. - ColorChooser - An add-on for SciTE that pops up a color dialog so you can select and paste a color code into a script. - Customizable Splashscreen GUI w/Progress Bar - Create a custom "splash screen" GUI with a progress bar and custom label. - _FileGetProperty - Retrieve the properties of a file - SciTE Toolbar - A toolbar demo for use with the SciTE editor - GUIRegisterMsg demo - Demo script to show how to use the Windows messages to interact with controls and your GUI. - Latin Square password generator
dcoggie Posted October 26, 2016 Author Posted October 26, 2016 I'm sorry I didn't explain myself very well. I hope this is clearer. WD is Windows Defender On 7 this code generates 2 numbers only that are for Microsoft Security Essentials - 397312 & 393216. Nothing for Windows Defender. But if I change the code to AntiSpywareProduct I get code for both programs. (with MSE enabled + WD enabled): 397312 and 397568 (with MSE disabled + WD disabled): 393216 and 393472 Local $aResult0, $aResult1, $sstate $oWMI = ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!\\localhost\root\SecurityCenter2") $colItems = $oWMI.ExecQuery("Select * from AntiVirusProduct") For $objAntiVirusProduct In $colItems $aResult0 = $objAntiVirusProduct.DisplayName $aResult1 = $objAntiVirusProduct.ProductState If $aResult0 = False Then msgbox(0, "", "Warning! *No AntiVirus Installed*" & @CRLF) Else msgbox(0, "", $aResult1 & @CRLF) EndIf Next
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now