RE: Mcafee and Norton Anti Virus definition version
- From: "Eggleston, Mark" <meggleston@xxxxxxxxxxxxxx>
- Date: Wed, 25 Mar 2009 13:44:04 -0400
The post below from last year is very helpful. Anyone know the regkey
for MacAfee to get the last scan date?
Thanks,
Mark
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Brian Johnson
Sent: Friday, February 29, 2008 12:18 PM
To: "kabhinav....."@gmail.com
Cc: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: Mcafee and Norton Anti Virus definition version
I wrote a program that does this sort of thing, unfortunately I can't
share it in whole. There are some reasonable resources on the web if
you are willing to search around.
For Norton:
The registry key you care about is:
HKLM\SOFTWARE\Symantec\SharedDefs\DefWatch\DefVersion
To decode the value to a data I use the following code (where strValue
is the results of the registry query):
year = strValue(1) * 256 + strValue(0)
month = strValue(3) * 256 + strValue(2)
day = strValue(7) * 256 + strValue(6)
rev = strValue(16)
For McAfee the registry path you care about are:
HKLM\SOFTWARE\Network Associates\TVD\Shared Components\VirusScan
Engine\4.0.xx
with the keys:
szEngineVer
szVirDefDate
szVirDefVer
I don't believe that these decode to a date, if I am wrong please
correct me.
These are easy to query with WMI. Microsoft Script Center is a great
resource on how exactly do to this if you haven't done this before.
Good luck!
On Fri, Feb 22, 2008 at 2:50 PM, Abhinav <kabhinav@xxxxxxxxx> wrote:
Hello Listversion
I am trying to programmitically find out the virus definition
of the anti -virus software installed. The two anit-virus we use inThis message, together with any attachments, is intended only for
our company are from Norton and Mcafee.
Is there a registry key/or windows api/WMI call that I can use which
can provide me this information?
Thanks
-Abhinav
the use of the individual or entity to which it is addressed. It
may contain information that is confidential and prohibited from
disclosure. If you are not the intended recipient, you are hereby
notified that any dissemination or copying of this message or any
attachment is strictly prohibited. If you have received this
message in error, please notify the original sender immediately by
telephone or by return e-mail and delete this message along with
any attachments, from your computer.
------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute
Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class.
Totally hands-on course with evening Capture The Flag (CTF) exercises, Certified Ethical Hacker and Certified Penetration Tester exams, taught by an expert with years of real pen testing experience.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
- Prev by Date: Re: Third Party Patch Management
- Next by Date: skills for mastering border security (firewalls,ips etc)
- Previous by thread: Juniper firewall network monitor
- Next by thread: skills for mastering border security (firewalls,ips etc)
- Index(es):
Relevant Pages
|
