Page 1 of 1 1
Topic Options
#49373 - 2000-03-30 04:39 PM McAfee VirusScan .dat updater
Anonymous
Unregistered


This script will update both Win9x and WinNTWS. (if I can get the service to stop)
both the 3x scan engine and the 4x scan engine.
The problem is stopping a service on the NTWS without giving the domain users admin rights.
Works great on 9x.
mail comments to mikef@madix.com

CODE TO FOLLOW:
;**********************************************************************************
; Author: Michael Lewis Frice
; Email : mikef@madix.com
; Description: This script is called from login script and then simply updates McAfee
; virus scan "Dat" files for versions 3.xx and 4.xx on Windows 95 and NT workstations.
;**********************************************************************************

$RETURNCODES=ExistKey("HKEY_LOCAL_MACHINE\SOFTWARE\MCAFEE\SCAN95")
If $RETURNCODES=0
$win95=Readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\MCAFEE\SCAN95","DAT")
$VER=Readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\MCAFEE\SCAN95","CURRENTVERSIONNUMBER")
ELSE GOTO NT40
ENDIF

;**********************************************************************************
;**********************************************************************************

IF $VER < 3
GOTO Log
ENDIF

IF $VER => 4
GOTO w95B
ENDIF


if exist ("$win95" + "\backup") = 0
md ("$win95" + "\backup")
endif

if exist ("$win95" + "\TMP") = 0
md ("$win95" + "\TMP")
endif

if exist ("$win95" + "\backup\@ydayno") = 0
md ("$win95" + "\backup\@ydayno")
endif

$backup = $win95 + "\backup\@ydayno"
$source = $win95 + "\*.DAT"
$tmp = $win95 + "\tmp"
$rename = $tmp + "\*.dat *.tmp"
$tmpcopy = $tmp + "\*.tmp"

SHELL '%comspec% /e:1024 /c XCOPY "$source" "$backup"'
shell '%comspec% /e:1024 /c xCOPY \\pdxnt3\vir_upd\DAT_FILE\ver3\*.DAT /d "$tmp"'
shell '%comspec% /e:1024 /c rename c:\progra~1\mcafee\viruss~1\tmp\*.dat *.tmp'
shell '%comspec% /e:1024 /c move "$tmpcopy" "$win95"'
goto wininit

;**********************************************************************************
;****** Windows 9x section VirusScan V 4.x ****************************************
;**********************************************************************************

:w95B

if exist ("$win95" + "\backup") = 0
md ("$win95" + "\backup")
endif

if exist ("$win95" + "\TMP") = 0
md ("$win95" + "\TMP")
endif

if exist ("$win95" + "\backup\@ydayno") = 0
md ("$win95" + "\backup\@ydayno")
endif

$backup = $win95 + "\backup\@ydayno"
$source = $win95 + "\*.DAT"
$tmp = $win95 + "\tmp"
$rename = $tmp + "\*.dat *.tmp"
$tmpcopy = $tmp + "\*.tmp"
SHELL '%comspec% /e:1024 /c XCOPY "$source" "$backup"'
shell '%comspec% /e:1024 /c xCOPY \\pdxnt3\vir_upd\DAT_FILE\ver4\*.DAT /d "$tmp"'
shell '%comspec% /e:1024 /c rename c:\progra~1\mcafee\viruss~1\tmp\*.dat *.tmp'
shell '%comspec% /e:1024 /c move "$tmpcopy" "$win95"'
goto wininit


;**********************************************************************************
;****** Windows NT section*********************************************************
;**********************************************************************************

:NT40

$RETURNCODE=ExistKey("HKEY_LOCAL_MACHINE\SOFTWARE\MCAFEE\VIRUSSCAN")
If $RETURNCODE=0
$NT=Readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\MCAFEE\VIRUSSCAN","DAT")
$VER=Readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\MCAFEE\VIRUSSCAN","SZENGINEVER")
else exit
ENDIF

IF $VER < 3
GOTO Log
ENDIF

IF $VER => 4
GOTO NTB
ENDIF

if exist ("$NT" + "\backup") = 0
md ("$NT" + "\backup")
endif
if exist ("$NT" + "\backup\@ydayno") = 0
md ("$NT" + "\backup\@ydayno")
endif
$backup = $NT + "backup\@ydayno"
$source = $NT + "*.DAT"
SHELL '%comspec% /e:1024 /c XCOPY "$source" "$backup"'
SHELL '%comspec% /e:1024 /c net stop "mcafee virusscan task manager"'
SHELL '%comspec% /e:1024 /c XCOPY \\pdxnt3\vir_upd\DAT_FILE\ver3\*.DAT /D "$NT"'
SHELL '%comspec% /e:1024 /c net start "mcafee virusscan task manager"'
GOTO Log

EXIT

;**********************************************************************************
;**********************************************************************************

:NTB
if exist ("$NT" + "\backup") = 0
md ("$NT" + "\backup")
endif

if exist ("$NT" + "\backup\@ydayno") = 0
md ("$NT" + "\backup\@ydayno")
endif

$backup = $NT + "backup\@ydayno"
$source = $NT + "*.DAT"

SHELL '%comspec% /e:1024 /c XCOPY "$source" "$backup"'
SHELL '%comspec% /e:1024 /c net stop "mcafee virusscan task manager"'
SHELL '%comspec% /e:1024 /c XCOPY \\pdxnt3\vir_upd\DAT_FILE\VER4\*.DAT /D "$NT"'
SHELL '%comspec% /e:1024 /c net start "mcafee virusscan task manager"'
GOTO Log

exit

:wininit
;**********************************************************************************
; Create WININIT.INI file so to update SCAN.TMP to SCAN.DAT on reboot
;**********************************************************************************
if Open(1, "c:\windows\wininit.ini", 5) = 0
$x = WriteLine(1, "[rename]" + Chr(13) + Chr(10))
$x = writeline(1, "C:\PROGRA~1\MCAFEE\VIRUSS~1\SCAN.DAT=C:\PROGRA~1\MCAFEE\VIRUSS~1\SCAN.tmp" + chr(13) + chr(10))
$x = writeline(1, "C:\PROGRA~1\MCAFEE\VIRUSS~1\clean.DAT=C:\PROGRA~1\MCAFEE\VIRUSS~1\clean.tmp" + chr(13) + chr(10))
$x = writeline(1, "C:\PROGRA~1\MCAFEE\VIRUSS~1\internet.DAT=C:\PROGRA~1\MCAFEE\VIRUSS~1\internet.tmp" + chr(13) + chr(10))
$x = writeline(1, "C:\PROGRA~1\MCAFEE\VIRUSS~1\polyscan.DAT=C:\PROGRA~1\MCAFEE\VIRUSS~1\polyscan.tmp" + chr(13) + chr(10))
$x = writeline(1, "C:\PROGRA~1\MCAFEE\VIRUSS~1\names.DAT=C:\PROGRA~1\MCAFEE\VIRUSS~1\names.tmp" + chr(13) + chr(10))
close (1)
endif
;**********************************************************************************
;****Log the new virus definiations, the date and the time ***********************
;**********************************************************************************

:Log

IF redirectoutput("\\pdxnt2\kixlogs\workst~1\@wksta\@wksta.vscan.txt") = 0
?"["@wksta"]"
endif
IF $VER < 3
?"Mcafee virus scan ver is to old to update."
?"Virus ScanEngine = $VER"
messagebox("Mcafee virus scan ver is to old to update.", "McAfee Virus Update", 16)
exit
endif
?"Virus ScanEngine = $VER"
?"Dat Files updated "@date
if messagebox("Mcafee virus definiations have been updated. The new definiations will be loaded when Windows is restarted.", "McAfee Virus Update", 64) = 1
endif
exit



Top
#49374 - 2000-04-01 05:07 AM Re: McAfee VirusScan .dat updater
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
What you should do is, instead of stopping the service and copying in the DAT files, is get the update.exe command line out of the registry and Shell it.

I have the script in my office that does it and I can post it Monday, if someone doesn't beat me to it.

_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#49375 - 2000-04-02 12:30 AM Re: McAfee VirusScan .dat updater
Anonymous
Unregistered


Please also send me a copy of the script that makes it possible to update NT clients without changing clients rights.

olivier@home.nl

------------------

Top
#49376 - 2000-04-03 10:32 AM Re: McAfee VirusScan .dat updater
Radimus Moderator Offline
Moderator
*****

Registered: 2000-01-06
Posts: 5187
Loc: Tampa, FL
This is the script that I use to deploy, update and upgrade my clients... you may need to modify some of the variables to fit your environment, but the script is pretty straightforward...


; -------------[ McAfee Section ]-----------------------------
$McAfeeDat="4.0.4071"
$McEngine ="4.0.50"
$DatPath="$server"+"\mcafee$$\WinNT\Update"
$EngPath="$server"+"\mcafee$$\WinNT\Upgrade"
$95McAfeeDat="4.0.4071"
$95McEngine ="4.0.50"
$95DatPath="$server"+"\mcafee$$\Win95\Update"
$95EngPath="$server"+"\mcafee$$\Win95\Upgrade"
; ******************************* McAfee NetShield Section ***********************************
$eng=readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\VirusScan", "szEngineVer")
if @error
? color r+/n " McAfee NetShield is not installed" color w/n
shell("$server"+"\mcafee$$\winnt\install\setup.exe -s")
else
; ********************************** Upgrade Engine Section ***********************************
? " Installed "color c+/n"McAfee NetShield "color w/n"is version " color w+/n $eng color w/n
if $eng<$McEngine
$McAfeeEngKey="HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\VirusScan\Tasks\Upgrade"
$mceng=READVALUE("$McAfeeEngKey", "szUpgradeCMD")
$RET=WRITEVALUE("$McAfeeEngKey", "szUpdateUncLocation", "$EngPath", "REG_SZ")
$RET=WRITEVALUE("$McAfeeEngKey", "uUpdateFrom", "1", "REG_DWORD")
? color g+/n" The Antivirus Program on your computer is being updated" color w/n
shell "$engpath"+"\"+"$mceng"
endif
; *********************************** Update DAT Section *************************************
$dat=readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\VirusScan", "szVirDefVer")
$Mcdate=readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\VirusScan", "szVirDefDate")
? " Installed "color c+/n"McAfee DAT "color w/n"is version " color w+/n $dat color w/n " dated " color w+/n $Mcdate color w/n
if $dat<$McAfeeDat
? color g+/n" Updating Antivirus signatures" color w/n
$McAfeeRegKey="HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\VirusScan"
$mcexe=READVALUE("$McAfeeRegKey", "szUpdateEXE")
$RET=WRITEVALUE("$McAfeeRegKey"+"\Tasks\Update", "szUpdateUncLocation", "$DatPath", "REG_SZ")
$RET=WRITEVALUE("$McAfeeRegKey"+"\Tasks\Update", "uUpdateFrom", "1", "REG_DWORD")
shell "$mcexe /task update"
; ********************************* Alert Recipients Section *********************************
$McAfeeAltKey="HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\AlertManager\Recipients"
$Rep='Priority Level:"1" Type:"Network Message" Recipient:"\\'
$ret=writevalue("$McAfeeAltKey","Recipient0","$rep"+%areamis%+chr(34),"REG_SZ")
$ret=writevalue("$McAfeeAltKey","Recipient1","$rep"+$dcsa+chr(34),"REG_SZ")
endif
endif

_________________________
How to ask questions the smart way <-----------> Before you ask

Top
#49377 - 2001-10-06 12:41 AM Re: McAfee VirusScan .dat updater
philos_genius Offline
Lurker

Registered: 2001-05-22
Posts: 4
Loc: Abidjan
Hi Radimus,

I am a newbie to KIX, i need some help with McAfee.
I read with interest your Kix code about the subject. I've modified some variables to fit my environnement, but the script does'nt work.

Especially the Upgrade Engine Section.

The changes i made :

:McAfeeUpdate
; -------------[ McAfee Section ]-----------------------------

$McAfeeDat="4.0.4163"
$McEngine ="4.1.50"
$DatPath="\\Myserver\share\WinNT\Update"
$EngPath="\\Myserver\share\WinNT\Upgrade"
$95McAfeeDat="4.0.4163"
$95McEngine ="4.1.50"
$95DatPath="\\Myserver\share\Win95\Update"
$95EngPath="\\Myserver\share\Win95\Upgrade"

; ******************************* McAfee NetShield Section ***********************************

$eng=readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\VirusScan", "szEngineVer")
if @error
? color r+/n " McAfee NetShield is not installed" color w/n
shell("\\Myserver\share\winnt\install\setup.exe -s")
else

; ********************************** Upgrade Engine Section ***********************************

? " Installed "color c+/n"McAfee NetShield "color w/n"is version " color w+/n $eng color w/n
if $eng<$McEngine
$McAfeeEngKey="HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\VirusScan\Tasks\Upgrade"
$mceng=READVALUE("$McAfeeEngKey", "szUpgradeCMD")
$RET=WRITEVALUE("$McAfeeEngKey", "szUpdateUncLocation", "$EngPath", "REG_SZ")
$RET=WRITEVALUE("$McAfeeEngKey", "uUpdateFrom", "1", "REG_DWORD")
? color g+/n" The Antivirus Program on your computer is being updated" color w/n
shell "\\Myserver\share\WiNT\Upgrade"+"\"+"$mceng"
endif

; *********************************** Update DAT Section *************************************

$dat=readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\VirusScan", "szVirDefVer")
$Mcdate=readvalue("HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\VirusScan", "szVirDefDate")
? " Installed "color c+/n"McAfee DAT "color w/n"is version " color w+/n $dat color w/n " dated " color w+/n $Mcdate color w/n
if $dat<$McAfeeDat
? color g+/n" Updating Antivirus signatures" color w/n
$McAfeeRegKey="HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\VirusScan"
$mcexe=READVALUE("$McAfeeRegKey", "szUpdateEXE")
$RET=WRITEVALUE("$McAfeeRegKey"+"\Tasks\Update", "szUpdateUncLocation", "$DatPath", "REG_SZ")
$RET=WRITEVALUE("$McAfeeRegKey"+"\Tasks\Update", "uUpdateFrom", "1", "REG_DWORD")
shell "$mcexe /task update"

; ********************************* Alert Recipients Section *********************************

$McAfeeAltKey="HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\AlertManager\Recipients"
$Rep='Priority Level:"1" Type:"Network Message" Recipient:"\\'
$ret=writevalue("$McAfeeAltKey","Recipient0","$rep"+%areamis%+chr(34),"REG_SZ")
$ret=writevalue("$McAfeeAltKey","Recipient1","$rep"+$dcsa+chr(34),"REG_SZ")
endif
endif

_________________________
PG

Top
#49378 - 2001-10-05 04:06 PM Re: McAfee VirusScan .dat updater
Kdyer Offline
KiX Supporter
*****

Registered: 2001-01-03
Posts: 6241
Loc: Tigard, OR
Here is a version that we have used that works great too - http://www.utdallas.edu/~pauls/scripts.html for updating DATs, Engines, etc.

Also, if you are interested... Here is an automated batch script that only works on NT/2K for checking for new .DAT files via FTP. Just set it up on AT or MSTASK and you should be good to go..

FTPCHECK.BAT

code:

@ECHO OFF
::FTPCHECK.BAT - by Kent Dyer
::Original version published on Brainbuzz.com on 12/20/2000
:: http://itresources.brainbuzz.com/tutorials/tutorial.asp?t=S1TU1071&tn=Check+if+FTP+file+has+changed&pi=S4C16&pn=95%2F98%2FNT+Batch+Files
:: New version on 6/21/01 - Adds in ability to get files if there are changes!
::FTP into the site using a script
ftp -s:%0\..\login.sc ftp.nai.com

::Create variables to check
FOR /F "tokens=*" %%A IN ('TYPE %0\..\new ^| SORT') DO set new= %%A
FOR /F "tokens=*" %%B IN ('TYPE %0\..\old ^| SORT') DO set old= %%B

::Are the Files equal??
IF %new% == %old% GOTO FILESEQ
IF NOT %new% == %old% GOTO FILESNEQ

: o Nothing
:FILESEQ
ECHO FILES ARE EQUAL
GOTO END

::Create alert
:FILESNEQ
ECHO FILES ARE NOT EQUAL
::Go Grab the new files
ftp -s:%0\..\newfiles.sc ftp.nai.com
::Send an alert
%0\..\postie.exe -host:smtp.server.com -to:mail@domain.com -from:"DATCheck" -s:"DAT Update has arrived." -msg:"%new% has arrived at Network Associates"
::The file is newer and copy to new so we don't get told about it till the next update
COPY new old > NUL
GOTO END

:END


Login.sc file (FTP Commands). Note the ls line as gets the zip file and copies it to the location where the BAT is being executed from. You could also use mdir. You may also need to a y on the next line from ls.

code:

anonymous
user@domain.com
cd pub/datfiles/english/
ls *.zip \\machine\d$\batch\new
bye

Newfiles.sc file (FTP Commands).

code:

anonymous
user@domain.com
cd /pub/antivirus/datfiles/4.x
::Turn Prompting off - Needed for Microsoft FTP clients. UNIX should be turned off.
prompt
Mget sdat*.*
Mget dat*.zip
Mget dat*.tar
get update.ini
get delta.ini
bye

NEW - File created each time..

code:

sdat4124.zip

OLD - File copied over from NEW, if changed.

code:

sdat4124.zip


HTH,

- Kent

_________________________
Utilize these resources:
UDFs (Full List)
KiXtart FAQ & How to's

Top
Page 1 of 1 1


Moderator:  Glenn Barnas, NTDOC, Arend_, Jochen, Radimus, Allen, ShaneEP, Ruud van Velsen, Mart 
Hop to:
Shout Box

Who's Online
0 registered and 300 anonymous users online.
Newest Members
Thechadpma, CestMoi, MeMyselfAndI, Praveer, Ollero
17745 Registered Users

Generated in 0.09 seconds in which 0.071 seconds were spent on a total of 12 queries. Zlib compression enabled.

Search the board with:
superb Board Search
or try with google:
Google
Web kixtart.org