Powershell Script to get Mcaffe Information


Hello,

This Powershell script is to check ProductVersion, EngineVersion, DatVersion, AVDatDate, for the Mcaffe anti-virus.
You can also adapt this script for other things, if you need to read from registry, just like I did :).

######################################
#——————————————————
# get-content <list of servers.txt> | .\Script.ps1
# or
# get-content <list of servers.txt> | .\Script.ps1 | FT
#——————————————————
Begin {

function GetHKLMRegValue ( $cn, $key, $value ) {
$ErrorActionPreference = “SilentlyContinue”
$root = “LocalMachine”
$rootkey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey( $root, $cn )
$key = $rootkey.OpenSubKey( $key )
$key.GetValue( $value )
}

$sKeyPath1 = “SOFTWARE\McAfee\DesktopProtection”
$sKeyPath2 = “SOFTWARE\McAfee\AVEngine”
$sProductVer = “szProductVer”
$sEngineVer3 = “EngineVersionMajor”
$sVirDefVer = “AVDatVersion”
$sVirDefdate = “AVDatDate”

}
Process {

$Output = “” | Select-Object Server, ProductVersion, EngineVersion, DatVersion, AVDatDate

if ( GetHKLMRegValue -cn $_ -key $sKeyPath1 -value $sProductVer ) {
$output.Server = $_
$output.ProductVersion = GetHKLMRegValue -cn $_ -key $sKeyPath1 -value $sProductVer
$output.EngineVersion = GetHKLMRegValue -cn $_ -key $sKeyPath2 -value $sEngineVer3
$output.DatVersion = GetHKLMRegValue -cn $_ -key $sKeyPath2 -value $sVirDefVer
$output.AVDatDate = GetHKLMRegValue -cn $_ -key $sKeyPath2 -value $sVirDefdate
} else {
Write-Output “Check Server $_”
}
$output
}

######################################

Advertisements

2 thoughts on “Powershell Script to get Mcaffe Information

  1. If we ran the script. getting blank output

    Check Server : server name

    Server :server name
    ProductVersion :
    EngineVersion :
    DatVersion :
    AVDatDate :

    • Hy,

      If you have a x64 computers, you may need to change the registry key in the $sKeypath1 and 2;

      ######################################
      #——————————————————
      # get-content | .\Script.ps1
      # or
      # get-content | .\Script.ps1 | FT
      #——————————————————
      Begin {

      function GetHKLMRegValue ( $cn, $key, $value ) {
      $ErrorActionPreference = “SilentlyContinue”
      $root = “LocalMachine”
      $rootkey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey( $root, $cn )
      $key = $rootkey.OpenSubKey( $key )
      $key.GetValue( $value )
      }

      $sKeyPath1 = “SOFTWARE\Wow6432Node\McAfee\DesktopProtection”
      $sKeyPath2 = “SOFTWARE\Wow6432Node\McAfee\AVEngine”
      $sProductVer = “szProductVer”
      $sEngineVer3 = “EngineVersionMajor”
      $sVirDefVer = “AVDatVersion”
      $sVirDefdate = “AVDatDate”

      }
      Process {

      $Output = “” | Select-Object Server, ProductVersion, EngineVersion, DatVersion, AVDatDate

      if ( GetHKLMRegValue -cn $_ -key $sKeyPath1 -value $sProductVer ) {
      $output.Server = $_
      $output.ProductVersion = GetHKLMRegValue -cn $_ -key $sKeyPath1 -value $sProductVer
      $output.EngineVersion = GetHKLMRegValue -cn $_ -key $sKeyPath2 -value $sEngineVer3
      $output.DatVersion = GetHKLMRegValue -cn $_ -key $sKeyPath2 -value $sVirDefVer
      $output.AVDatDate = GetHKLMRegValue -cn $_ -key $sKeyPath2 -value $sVirDefdate
      } else {
      Write-Output “Check Server $_”
      }
      $output
      }

      ######################################

      Try wiht this one.
      Thanks.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s