VB icon

Windows Defender Entries Anti Virus Malware

Email
Submitted on: 4/18/2018 1:28:31 PM
By: A_X_O 
Level: Beginner
User Rating: Unrated
Compatibility: VbScript (browser/client side)
Views: 613
 
     Windows 10: Windows Defender Catalogue of Malware, Spyware, Virus, Trojans, Keyloggers and Whatever Else Definitions This script takes a couple of minutes to process all the entries found.

 
code:
Can't Copy and Paste this?
Click here for a copy-and-paste friendly version of this code!
				
'**************************************
' Name: Windows Defender Entries Anti Virus Malware
' Description:Windows 10: Windows Defender Catalogue of Malware, Spyware, Virus, Trojans, Keyloggers and Whatever Else Definitions 
This script takes a couple of minutes to process all the entries found.
' By: A_X_O
'**************************************

'
'------------------------------------------------------------------------------	'
'++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++	'
'		Demonstration: Windows 10, WMI Windows Defender Catalogue	'
'++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++	'
'										'
'	Purpose		:	Demonstrates VBScript List Defender Threats	'
'	-----------------------------------------------------------------------	'
'	Creation Date	: 	18/04/2018 [dd/mm/yyyy]				'
'	Version		:	1.0						'
'	Designer	:	Fabian						'
'										'
'##############################################################################	'
'			MODIFICATION HISTORY					'
'------------------------------------------------------------------------------	'
'	Version		:	1:0	18/04/2018	Create the Sample	'
'										'
'------------------------------------------------------------------------------	'		
'
'	Create the report constants
'
Public Const ForWriting = 2
'
'	Titles Constants for report
'
Public Const ReportTitle = "Windows Defender Details"
Public Const ReportCreate = "Date Information Created:"
Public Const ReportProVer = "Anti Malware Product Version:"
Public Const ReportEngVer = "Anti Malware Engine Version:"
Public Const ReportSigAge = "Anti Spyware Signature Age:"
Public Const ReportScnAge = "Full Scan Age:"
Public Const ReportQckAge = "Quick Scan Age:" 
'
Public Const ReportName = "DefenderReport.txt" 
'
'	Threat Constants for catalogue entries
'
Public Const ThreatListNumber = "List Number:"
Public Const ThreatItmCategory = "Category:"
Public Const ThreatItmName = "Name:"
Public Const ThreatNameSeverity = "Severity:"
Public Const ThreatNameType = "Type:"
'
'	MBox 
'
Public Const MBOX_STRING = "The report has been created in:"
Public Const MBOX_TMESTRING = "Seconds"
Public Const MBOX_TITLE = "Defender Report"
'
'	File System Object and Windows Management Instrumentation Objects
'
Dim FSO
Dim objWMIService
'
'	Get and store the script location, create the report in that location
'
Dim ThePath
Dim FirstTrim
'
'	Store the start time
'
Dim StartTime
'
'	WMI Object return values	
'
Dim StatusItem
Dim ThreatItem
'
'	List counter
'
Dim ICounter
'
'	Store the time in StartTime
'
	StartTime = Time()
'
'	Create the WMI Object
'
Set objWMIService = GetObject("winmgmts:\\.\root\Microsoft\Windows\Defender") 
'
'	Using both, MSFT_MpComputerStatus and MSFT_MpThreatCatalog to pull out the data 
'
Set StatusItems = objWMIService.ExecQuery("SELECT * FROM MSFT_MpComputerStatus",,48) 
Set ThreatItems = objWMIService.ExecQuery("SELECT * FROM MSFT_MpThreatCatalog",,48)
'
'	Create the File System Object
'
Set FSO = CreateObject("Scripting.FileSystemObject")
'
'	Create the text file report to write too.
'
	ThePath = WScript.ScriptFullName
'
	FirstTrim = InstrRev((ThePath), "\", -1, 1)
'
	FilePath = Mid((ThePath),1, FirstTrim)
'
	FilePath = FilePath & ReportName
'
Set BugFileList = FSO.CreateTextFile((FilePath), True)
'
'	Loop through Windows Defender Properties
'
For Each StatusItem in StatusItems
'
With StatusItem
'
	BugFileList.Write (ReportTitle) & _
			VbNewLine & VbNewLine & _
			(ReportCreate) & Space(1) & _
			VbTab & Now() & _
			VbNewLine & _
			(ReportProVer) & _
			VbTab & .AMProductVersion & _
			VbNewLine & _
			(ReportEngVer) & VbTab & .AMEngineVersion & _
			VbNewLine & (ReportSigAge) & _
			VbTab & .AntispywareSignatureAge & _
			VbNewLine & (ReportScnAge) & VbTab & _
			VbTab & VbTab & .FullScanAge & _
			VbNewLine & (ReportQckAge) & Space(1) & VbTab & _
			VbTab & .QuickScanAge & VbNewLine & _
			VbNewLine & String(50,"+") & VbNewLine & VbCrlf 
'
End With
'
Next
'
'	Start counting the entries, usually > 100,000
'
	ICounter = 0
'
For Each ThreatItem in ThreatItems 
'
With ThreatItem
'
	ICounter = ICounter + 1
'
	BugFileList.Write (ThreatListNumber) & Space(1) & _
			VbTab & FormatNumber((ICounter), "0,000") & _
			VbNewLine & VbNewLine & (ThreatItmCategory) & _
			Space(1) & _
			VbTab & .CategoryID & VbNewLine & _
			(ThreatItmName) & Space(1) & _
			VbTab & VbTab & .ThreatName & _
			VbNewLine & (ThreatNameSeverity) & _
			Space(1) & VbTab & .SeverityID & _
			VbNewLine & (ThreatNameType) & Space(1) & VbTab & _
			VbTab & .TypeID & VbNewLine & String(50,"-") & VbCrlf 
'
End With
'
Next
'
	BugFileList.Close
'
Set objWMIService = Nothing
Set StatusItems = Nothing
Set ThreatItems = Nothing
Set FSO = Nothing
'
'
'	Close the file and notify user the report has been created.
'
	tTaken = DateDiff("s", (StartTime), Time())
'
	Msgbox (MBOX_STRING) & Space(1) & (tTaken) & _
			Space(1) & (MBOX_TMESTRING), _
			VbSystemModal + VbExclamation + VbOkOnly, _
			(MBOX_TITLE)
'
'
'


Other 7 submission(s) by this author

 


Report Bad Submission
Use this form to tell us if this entry should be deleted (i.e contains no code, is a virus, etc.).
This submission should be removed because:

Your Vote

What do you think of this code (in the Beginner category)?
(The code with your highest vote will win this month's coding contest!)
Excellent  Good  Average  Below Average  Poor (See voting log ...)
 

Other User Comments


 There are no comments on this submission.
 

Add Your Feedback
Your feedback will be posted below and an email sent to the author. Please remember that the author was kind enough to share this with you, so any criticisms must be stated politely, or they will be deleted. (For feedback not related to this particular code, please click here instead.)
 

To post feedback, first please login.