Re: Mcafee and Norton Anti Virus definition version

["Brian Johnson" <brian.l.johnson () gmail com>]

I wrote a program that does this sort of thing, unfortunately I can't
share it in whole.  There are some reasonable resources on the web if
you are willing to search around.

For Norton:
The registry key you care about is:
HKLM\SOFTWARE\Symantec\SharedDefs\DefWatch\DefVersion
To decode the value to a data I use the following code (where strValue
is the results of the registry query):

        year = strValue(1) * 256 + strValue(0)
        month = strValue(3) * 256 + strValue(2)
        day = strValue(7) * 256 + strValue(6)
        rev = strValue(16)


For McAfee the registry path you care about are:
HKLM\SOFTWARE\Network Associates\TVD\Shared Components\VirusScan Engine\4.0.xx

with the keys:
szEngineVer
szVirDefDate
szVirDefVer

I don't believe that these decode to a date, if I am wrong please correct me.

These are easy to query with WMI.  Microsoft Script Center is a great
resource on how exactly do to this if you haven't done this before.

Good luck!

On Fri, Feb 22, 2008 at 2:50 PM, Abhinav <kabhinav () gmail com> wrote:
> Hello List
>  I  am trying to programmitically find out the virus definition version
>  of the anti -virus software installed. The two anit-virus we use in
>  our company are from Norton and Mcafee.
>  Is there a registry key/or windows api/WMI call that I can use which
>  can provide me this information?
>
>  Thanks
>  -Abhinav