Rahul Rohela Posted July 5, 2006 Posted July 5, 2006 HI,,, I am trying to convert fillowing Reg_Binary key to readable view... but its not working..#include <String.au3> $reg = Regread("HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion","PatternFileDate") msgbox(0,"value reg",$reg) $string = _HexToString( $reg ) msgbox(0,"string", $string)Registry value is[HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion]"PatternFileDate"=hex:24,05,1c,00,00,00,00,00Please help to convert this to readable vale..
Briegel Posted July 5, 2006 Posted July 5, 2006 There's nothing to convert I think. '24,05,1c,00,00,00,00,00' That's the format from REG_BINARY. Producers often use this format to have several switches in one key as a rule.
PsaltyDS Posted July 5, 2006 Posted July 5, 2006 (edited) HI,,, I am trying to convert fillowing Reg_Binary key to readable view... but its not working.. #include <String.au3> $reg = Regread("HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion","PatternFileDate") msgbox(0,"value reg",$reg) $string = _HexToString( $reg ) msgbox(0,"string", $string) Registry value is [HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion] "PatternFileDate"=hex:24,05,1c,00,00,00,00,00 Please help to convert this to readable vale.. I'll bet the commas are throwing off the _HexToString() function. Use this: #include <String.au3> $reg = Regread("HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion","PatternFileDate") msgbox(0,"value reg",$reg) $string = _HexToString(StringReplace($reg, ",", "")) msgbox(0,"string", $string) P.S. Makes the big assumption that what you're looking at is ASCII in hex form. That registry value might be otherwise. Edited July 5, 2006 by PsaltyDS Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Rahul Rohela Posted July 5, 2006 Author Posted July 5, 2006 Its a pattern file date of NAV. I just want to convert it in readable format.. so that i can access Virus Definition pattern file date of remote PC. This will help me to know that which PC is not up to date with latest virus pattern.. If someone has other way to know this.. Please suggest.
Briegel Posted July 5, 2006 Posted July 5, 2006 Is it possible to work with properties of *.exe or other files?Maybe the 'DateModified', 'DateCreated' or 'DateAccessed' from a file can help to identify a pattern version.If this is possible try ExtProp.au3 from Simucal.good luck
Rahul Rohela Posted July 5, 2006 Author Posted July 5, 2006 Is it possible to work with properties of *.exe or other files?Maybe the 'DateModified', 'DateCreated' or 'DateAccessed' from a file can help to identify a pattern version.If this is possible try ExtProp.au3 from Simucal.good luckPattern is not updating EXE ... its update of definition only... Reg Binary 24,06,04,00,00,00,00,00 maining is Date 20060704& of 24,05,1c,00,00,00,00,00 is 20060628Please help to convert This reg binary to normal.
Briegel Posted July 5, 2006 Posted July 5, 2006 (edited) 1. Most of AntiVirus-Software (I know) uses a *.ini to to document last pattern version. Is this an alternate?2. Or search for the newest patternfile on every system. To relief you can perhaps use ExtProp.au3 from Simucal.3. If you absolutly want to use your reg key you are able to ask AntiVirus-Support for syntax.One of these 3 possibilities msut must be realizable.EDIT: Grrr... my bad english.... Edited July 5, 2006 by Briegel
Rahul Rohela Posted July 5, 2006 Author Posted July 5, 2006 (edited) Due to security reason drives are not sahred so i cant access files on remote system But as remote registry service is reunning i can access that... Thx for you help Edited July 5, 2006 by Rahul Rohela
Briegel Posted July 5, 2006 Posted July 5, 2006 Did you really disconnect the systemshares (ADMIN$,IPC$ and C$) and remote registry service is open?
PsaltyDS Posted July 5, 2006 Posted July 5, 2006 Pattern is not updating EXE ... its update of definition only... Reg Binary 24,06,04,00,00,00,00,00 maining is Date 20060704 & of 24,05,1c,00,00,00,00,00 is 20060628 Please help to convert This reg binary to normal. I'm not sure what you mean by 'normal'. But this may work (not on a Windows box, so can't test): $reg = "24,06,04,00,00,00,00,00" $result = _GetTimeCode($reg) MsgBox(64, "Input = " & $reg & " Output = " & $result) $reg = "24,05,1c,00,00,00,00,00" $result = _GetTimeCode($reg) MsgBox(64, "Input = " & $reg & " Output = " & $result) Func _GetTimeCode($xCode) Local $aCode = StringSplit($xCode, ",") If $aCode[0] >= 3 Then ; Put 0x in front of the number as a string $sYY = "0x" & $aCode[1] $sMM = "0x" & $aCode[2] $sDD = "0x" & $aCode[3] ; Do hex math to get date numbers $iYear = 1970 + $sYY $iMonth = 1 + $sMM $iDay = 0 + $sDD ; Return result as "YYYY/MM/DD" string Return $iYear & "/" & $iMonth & "/" & $iDay Else Return SetError(0, 0, 0) EndIf EndFunc They seem to have years since 1970, months since January, and the day, if your interpretation above is correct. One of the many 'normal' ways to represent time is the time since the computer epoch (arbitrarily set at midnight, 01 January, 1970). Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
Rahul Rohela Posted July 6, 2006 Author Posted July 6, 2006 I'm not sure what you mean by 'normal'. But this may work (not on a Windows box, so can't test): $reg = "24,06,04,00,00,00,00,00" $result = _GetTimeCode($reg) MsgBox(64,"", "Input = " & $reg & " Output = " & $result) $reg = "24,05,1c,00,00,00,00,00" $result = _GetTimeCode($reg) MsgBox(64,"", "Input = " & $reg & " Output = " & $result) Func _GetTimeCode($xCode) Local $aCode = StringSplit($xCode, ",") If $aCode[0] >= 3 Then ; Put 0x in front of the number as a string $sYY = "0x" & $aCode[1] $sMM = "0x" & $aCode[2] $sDD = "0x" & $aCode[3] ; Do hex math to get date numbers $iYear = 1970 + $sYY $iMonth = 1 + $sMM $iDay = 0 + $sDD ; Return result as "YYYY/MM/DD" string Return $iYear & "/" & $iMonth & "/" & $iDay Else Return SetError(0, 0, 0) EndIf EndFunc They seem to have years since 1970, months since January, and the day, if your interpretation above is correct. One of the many 'normal' ways to represent time is the time since the computer epoch (arbitrarily set at midnight, 01 January, 1970). Great this is what i want... You are great To "Normal" .. i mean i want to convert this reg bainary to Date format.. Test it with reg vale $reg = "24,06,05,00,00,00,00,00" and output was correct..
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now