From 343e4aa9719377cbf5d0bee822435a6025dec686 Mon Sep 17 00:00:00 2001 From: Cliczone <56260838+Cliczone@users.noreply.github.com> Date: Mon, 28 Dec 2020 15:53:36 +0100 Subject: [PATCH 1/2] Retriving Cylance PROTECT Version --- AV Status/AVStatus.vbs | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/AV Status/AVStatus.vbs b/AV Status/AVStatus.vbs index 4733a7f..e8f2edf 100644 --- a/AV Status/AVStatus.vbs +++ b/AV Status/AVStatus.vbs @@ -51,6 +51,7 @@ Dim strTrendVerLen, InstalledAV1, serviceactive Dim strAvastRegPath32, strAvastInstallPath, strAvastRegPath64 Dim strViprebusinessAgt, strViprebusiness64Agt , strVipreBusinessAgtLoc, strViprebusinessAgt1, strVIPREBusinessOnlineKeyPath Dim strMalwareBytesRegPath64, SCEPInstalled, FoundGUID, StatusCode, StatusText +Dim strCylancestatuspath Dim sMonth, sDay, sYear, sHour, sMinutes, sSeconds, strTMMSARegPath, recentFile, NamespacetoCheck, strTMDSARegPath, fileSystem, folder, file, newestfile, ProgramFiles64, stravg2016defpath, stravg2016regpath, colServices, objService Dim strNormanregpath32, strNormanregpath64, strNormanrootpath, boolNormanversion9, strNormandefpath, strKasperskyStandAlonePath, LastUpdateDate, AVGBusSecDataFolder, arrIniFileLines, ProviderRealTimeScanningEnabled, UserRealTimeScanningDisabled Dim objFileToRead, objFileToWrite, node, UpToDateState, strFortiClientPath, FortiClientInstallPath, objApp, strKasperskyKESServerAVVersionPath, strSophosVirtualAVKeyPath, RawProtectionStatus, strPandaAdaptiveDefencePath64, strPandaAdaptiveDefencePath32 @@ -507,6 +508,7 @@ Sub DetectInstalledAV strFortiClientPath = "SOFTWARE\Fortinet\FortiClient\FA_FMON" strPandaAdaptiveDefencePath64 = "Software\wow6432node\Panda Security\Nano Av\Setup" strPandaAdaptiveDefencePath32 = "Software\Panda Security\Nano Av\Setup" + strCylancestatuspath = ProgramData & "\Cylance\Status" @@ -895,10 +897,26 @@ Sub DetectInstalledAV Else OnAccessScanningEnabled = FALSE End If + output.writeline "- Is Real Time Scanning Enabled? " & OnAccessScanningEnabled ProductUpToDate = "TRUE" - FormattedAVVersion = "Unknown" + FormattedAVVersion = "Unknown" + Set objFSO = CreateObject("Scripting.FileSystemObject") + If objFSO.FolderExists(strCylancestatuspath) Then + If objFSO.FileExists(strCylancestatuspath & "\Status.json") Then + Set objFile = objFSO.OpenTextFile(strCylancestatuspath & "\Status.json", 1) + Do Until objFile.AtEndOfStream + strLine = objFile.ReadLine + If InStr(strLine, "version") Then + FormattedAVVersion= left(right(strLine,13),11) + MsgBox FormattedAVVersion + End If + Loop + + objFile.Close + End If + End If '--- Check for AVG Business Security --- ElseIf objFSO.FileExists(ProgramData & "\AVG\Persistent Data\Antivirus\Logs\update.log") Then From 8186c895a1846ee247ae75712997b4412be84789 Mon Sep 17 00:00:00 2001 From: Cliczone <56260838+Cliczone@users.noreply.github.com> Date: Wed, 30 Dec 2020 16:23:15 +0100 Subject: [PATCH 2/2] Removing MsgBox information --- AV Status/AVStatus.vbs | 1 - 1 file changed, 1 deletion(-) diff --git a/AV Status/AVStatus.vbs b/AV Status/AVStatus.vbs index e8f2edf..1d68c8b 100644 --- a/AV Status/AVStatus.vbs +++ b/AV Status/AVStatus.vbs @@ -910,7 +910,6 @@ Sub DetectInstalledAV strLine = objFile.ReadLine If InStr(strLine, "version") Then FormattedAVVersion= left(right(strLine,13),11) - MsgBox FormattedAVVersion End If Loop