Powershell script to get Symantec Antivirus Client version and virus definition date - Version 4
Here is V4 of this script and thanks KirkAMunro for his detailed help so that I can replace my switch statement with Hex conversion algorithm. This way not only I replaced ~80 lines of codes with ~8 line and most beautifully I don’t have to update those version number any more!
$erroractionpreference = "SilentlyContinue"
$a = New-Object -comobject Excel.Application
$a.visible = $True
$b = $a.Workbooks.Add()
$c = $b.Worksheets.Item(1)
$c.Cells.Item(1,1) = "Machine Name"
$c.Cells.Item(1,2) = "Parent Server"
$c.Cells.Item(1,3) = "Client Group"
$c.Cells.Item(1,4) = "SAV Version"
$c.Cells.Item(1,5) = "Virus Definition"
$c.Cells.Item(1,6) = "Rev Number"
$c.Cells.Item(1,7) = "Status"
$c.Cells.Item(1,8) = "Report Time Stamp"
$d = $c.UsedRange
$d.Interior.ColorIndex = 19
$d.Font.ColorIndex = 11
$d.Font.Bold = $True
$intRow = 2
$colComputers = get-content C:\Myworkplace\Clientlist.txt
foreach ($strComputer in $colComputers)
{
$c.Cells.Item($intRow,1) = $strComputer
Function GetRegInfo
{
$OS = get-wmiobject Win32_computerSystem -computername $strComputer
foreach($objOS in $OS)
{
if($objOS.systemtype -eq "X64-based PC")
{
$key="Software\Wow6432Node\INTEL\LANDesk\VirusProtect6\CurrentVersion"
}
Else
{
$key="Software\INTEL\LANDesk\VirusProtect6\CurrentVersion"
}
}
$regkey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey([Microsoft.Win32.RegistryHive]::LocalMachine, $strComputer)
$regKey = $regKey.OpenSubKey($key)
$Parent = $regKey.GetValue("parent")
$strParent = $Parent.substring(0,7)
If($strParent -eq 'OPCOSAV')
{
$c.Cells.Item($intRow,2).Interior.ColorIndex = 7
$c.Cells.Item($intRow,2) = $Parent
}
Else
{
$c.Cells.Item($intRow,2) = $Parent
}
$Group = $regKey.GetValue("ClientGroup")
If ($Group -eq 'Instrat')
{
$c.Cells.Item($intRow,3).Interior.ColorIndex = 8
$c.Cells.Item($intRow,3) = $Group
}
Else
{
$c.Cells.Item($intRow,3) = $Group
}
$productver = $regKey.GetValue("ProductVersion")
$Productver = "0x{0:X}" -f $productver
$Lo = "0x" + $Productver.substring(($Productver.length-4), 4)
$Hi = $Productver.substring(0,($Productver.length-4))
$x =[string][long]$Lo
$minor = $x.substring(($x.length-1), 1)
$rev = $x.substring(($x.length -2), 1)
$major = $x.substring(0, ($x.length-2))
$build = [long]$Hi
$savversion = $major + "." + $rev + "." + $minor +"." + $build
$VersionNumber = [int]$SavVersion.substring(0,2)
If ($VersionNumber -ge 9)
{$c.Cells.Item($intRow,4) = $SavVersion}
Else
{
$c.Cells.Item($intRow,4).Interior.ColorIndex = 3
$c.Cells.Item($intRow,4) = $SavVersion
}
}
GetRegInfo
Function GetDefInfo
{
$OS = get-wmiobject Win32_computerSystem -computername $strComputer
foreach($objOS in $OS)
{
if($objOS.systemtype -eq "X64-based PC")
{
$path = "\\$strcomputer\c$\Program Files (x86)\Common Files\Symantec Shared\VirusDefs\definfo.dat"
}
Else
{
$path ="\\$strcomputer\c$\Program Files\Common Files\Symantec Shared\VirusDefs\definfo.dat"
}
}
$x = Test-path $path
if($x -eq "True")
{
$y = get-content $path
$z = $y[1]
$dtyear = $z.substring(8,4)
$dtmonth = $z.substring(12,2)
$dtday = $z.substring(14,2)
$Rev = $z.substring(17,3)
$ddate = "$dtmonth" + "/"+ "$dtday" + "/" + "$dtyear"
$DateVirDefs =[datetime]$ddate
$c.Cells.Item($intRow,5) = $DateVirDefs
$c.Cells.Item($intRow,6) = $Rev
$dtdiff = [datetime](get-date -format g) - $DatevirDefs
If ($dtdiff.totaldays -le 2)
{
$c.Cells.Item($intRow,7).Interior.ColorIndex = 4
$c.Cells.Item($intRow,7) = "OK"
}
Else
{
$c.Cells.Item($intRow,7).Interior.ColorIndex = 3
$c.Cells.Item($intRow,7) = "Need Attention!"
}
}
Else
{
$c.Cells.Item($intRow,5).Interior.ColorIndex = 6
$c.Cells.Item($intRow,5) = "Information can't be found"
$c.Cells.Item($intRow,7).Interior.ColorIndex = 6
$c.Cells.Item($intRow,7) = "Need Attention!"
}
}
GetDefInfo
$c.Cells.Item($intRow,8) = Get-date
$intRow = $intRow + 1
}
$d.EntireColumn.AutoFit()
cls