Add support to detect unregistered AV products in system profile.

Some products do not register with WMI or Security Center. Add a
"best effort" attempt to enumerate these and add them to the
system profile, starting with IBM/Trusteer Rapport Endpoint Security.

BUG=615154
TEST=manual - see https://docs.google.com/document/d/1DNWXftKWmC76987dN8-d0v7mwPz40SrJzl6KxUNjwlY/edit

Review-Url: https://codereview.chromium.org/2578453002
Cr-Commit-Position: refs/heads/master@{#438641}

chrome/browser/metrics/antivirus_metrics_provider_win.cc

@@ -176,6 +176,8 @@ AntiVirusMetricsProvider::GetAntiVirusProductsOnFileThread() {
       result = FillAntiVirusProductsFromWMI(&av_products);
   }
 
+  MaybeAddUnregisteredAntiVirusProducts(&av_products);
+
   UMA_HISTOGRAM_ENUMERATION("UMA.AntiVirusMetricsProvider.Result",
                             result,
                             RESULT_COUNT);
@@ -426,3 +428,48 @@ AntiVirusMetricsProvider::FillAntiVirusProductsFromWMI(
 
   return RESULT_SUCCESS;
 }
+
+void AntiVirusMetricsProvider::MaybeAddUnregisteredAntiVirusProducts(
+    std::vector<AvProduct>* products) {
+  base::ThreadRestrictions::AssertIOAllowed();
+
+  // Trusteer Rapport does not register with WMI or Security Center so do some
+  // "best efforts" detection here.
+
+  // Rapport always installs into 32-bit Program Files in directory
+  // %DIR_PROGRAM_FILESX86%\Trusteer\Rapport
+  base::FilePath binary_path;
+  if (!PathService::Get(base::DIR_PROGRAM_FILESX86, &binary_path))
+    return;
+
+  binary_path = binary_path.AppendASCII("Trusteer")
+                    .AppendASCII("Rapport")
+                    .AppendASCII("bin")
+                    .AppendASCII("RapportService.exe");
+
+  if (!base::PathExists(binary_path))
+    return;
+
+  std::wstring mutable_path_str(binary_path.value());
+  std::string product_version;
+
+  if (!GetProductVersion(&mutable_path_str, &product_version))
+    return;
+
+  AvProduct av_product;
+
+  // Assume enabled, no easy way of knowing for sure.
+  av_product.set_product_state(metrics::SystemProfileProto::AntiVirusState::
+                                   SystemProfileProto_AntiVirusState_STATE_ON);
+
+  // Taken from Add/Remove programs as the product name.
+  std::string product_name("Trusteer Endpoint Protection");
+  if (ShouldReportFullNames()) {
+    av_product.set_product_name(product_name);
+    av_product.set_product_version(product_version);
+  }
+  av_product.set_product_name_hash(metrics::HashName(product_name));
+  av_product.set_product_version_hash(metrics::HashName(product_version));
+
+  products->push_back(av_product);
+}

chrome/browser/metrics/antivirus_metrics_provider_win.h

@@ -72,10 +72,17 @@ class AntiVirusMetricsProvider : public metrics::MetricsProvider {
   // interface is only available on Windows 8 and above.
   static ResultCode FillAntiVirusProductsFromWSC(
       std::vector<AvProduct>* products);
+
   // Query WMI ROOT\SecurityCenter2 for installed AV products. This interface is
   // only available on Windows Vista and above.
   static ResultCode FillAntiVirusProductsFromWMI(
       std::vector<AvProduct>* products);
+
+  // Query local machine configuration for other products that might not be
+  // registered in WMI or Security Center and add them to the product vector.
+  static void MaybeAddUnregisteredAntiVirusProducts(
+      std::vector<AvProduct>* products);
+
   static std::vector<AvProduct> GetAntiVirusProductsOnFileThread();
 
   // Called when metrics are done being gathered from the FILE thread.