dcoggie

anti virus script incorrect output

6 posts in this topic

This is an extract from a larger program.

Avast is enabled and up to date. However on a Vista system it failed to access the info.

The printout was - "Avast's ProductState is indeterminate"    

Why?

 

Local $aResult0, $aResult1, $ProductIsInOrOutOfDate, $ProductDisabledOrNot
$oWMI = ObjGet("winmgmts:" & "{impersonationLevel=impersonate}!\\localhost\root\SecurityCenter2")
$colItems = $oWMI.ExecQuery("Select * from AntiVirusProduct")
For $objAntiVirusProduct In $colItems
    $aResult0 = $objAntiVirusProduct.DisplayName
    $aResult1 = $objAntiVirusProduct.ProductState
    $ProductIsInOrOutOfDate = StringMid(Hex($aResult1), 7, 2)
    $ProductDisabledOrNot = StringMid(Hex($aResult1), 5, 2)
If @error Then
FileWrite($hLogFile, "Warning! *No Antivirus Installed*" & @CRLF)
Else
Switch $ProductDisabledOrNot
Case "10", "11"
FileWrite($hLogFile, $aResult0 & " " & "(Enabled - " & (($ProductIsInOrOutOfDate = "10") ? "Not " : "") & "Up to Date)" & @CRLF)
Case "00", "01"
FileWrite($hLogFile, $aResult0 & " " & "(Disabled - " & (($ProductIsInOrOutOfDate = "10") ? "Not " : "") & "Up to Date)" & @CRLF)
Case Else
FileWrite($hLogFile, $aResult0 & "'s ProductState is indeterminate" & @CRLF)
EndSwitch
EndIf
Next

 

Share this post


Link to post
Share on other sites



Usually because there is an issue with WMI and it requires repairing.

Share this post


Link to post
Share on other sites
19 hours ago, Subz said:

Usually because there is an issue with WMI and it requires repairing.

I don't think so because FRST produced the correct output.

Share this post


Link to post
Share on other sites

Can you add COM Error Handling:

Example from Water:

; COM Error Handler example
; -------------------------
$oMyError = ObjEvent("AutoIt.Error","MyErrFunc") ; Initialize a COM error handler
; ... Your code goes here
Exit
; This is my custom defined error handler
Func MyErrFunc()
  Msgbox(0,"AutoItCOM Test","We intercepted a COM Error !"    & @CRLF  & @CRLF & _
    "err.description is: "  & @TAB & $oMyError.description  & @CRLF & _
    "err.windescription:"    & @TAB & $oMyError.windescription & @CRLF & _
    "err.number is: "        & @TAB & hex($oMyError.number,8)  & @CRLF & _
    "err.lastdllerror is: "   & @TAB & $oMyError.lastdllerror   & @CRLF & _
    "err.scriptline is: "    & @TAB & $oMyError.scriptline   & @CRLF & _
    "err.source is: "        & @TAB & $oMyError.source       & @CRLF & _
    "err.helpfile is: "    & @TAB & $oMyError.helpfile     & @CRLF & _
    "err.helpcontext is: "  & @TAB & $oMyError.helpcontext _
            )
Endfunc

Share this post


Link to post
Share on other sites

Thanks I'll give that a try.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now