Re: Mcafee and Norton Anti Virus definition version

["Micheal Espinola Jr" <michealespinola () gmail com>]

Since we are sharing:

On Windows, I use the kixtart scripting environment for my logon
scripts, and use its built-in "GetFileVersion" function to get the
file versions of the definition files.

There are also command-line utils for various platforms that can do the same.


On Fri, Feb 29, 2008 at 12:18 PM, Brian Johnson
<brian.l.johnson () gmail com> wrote:
> I wrote a program that does this sort of thing, unfortunately I can't
> share it in whole.  There are some reasonable resources on the web if
> you are willing to search around.
>
> For Norton:
> The registry key you care about is:
> HKLM\SOFTWARE\Symantec\SharedDefs\DefWatch\DefVersion
> To decode the value to a data I use the following code (where strValue
> is the results of the registry query):
>
>        year = strValue(1) * 256 + strValue(0)
>        month = strValue(3) * 256 + strValue(2)
>        day = strValue(7) * 256 + strValue(6)
>        rev = strValue(16)
>
>
> For McAfee the registry path you care about are:
> HKLM\SOFTWARE\Network Associates\TVD\Shared Components\VirusScan Engine\4.0.xx
>
> with the keys:
> szEngineVer
> szVirDefDate
> szVirDefVer
>
> I don't believe that these decode to a date, if I am wrong please correct me.
>
> These are easy to query with WMI.  Microsoft Script Center is a great
> resource on how exactly do to this if you haven't done this before.
>
> Good luck!
>
> On Fri, Feb 22, 2008 at 2:50 PM, Abhinav <kabhinav () gmail com> wrote:
>
> > Hello List
> >  I  am trying to programmitically find out the virus definition version
> >  of the anti -virus software installed. The two anit-virus we use in
> >  our company are from Norton and Mcafee.
> >  Is there a registry key/or windows api/WMI call that I can use which
> >  can provide me this information?
> >
> >  Thanks
> >  -Abhinav



-- 
ME2