(view source code of secstat2.vbs as plain text)
Option Explicit
Dim arrOSVer
Dim blnDomainMember, blnWFwEnabled, blnWUAUServ, blnWUOK
Dim dtmLastCheck
Dim intLC, intLD, intLI, intMonth, intToday, lngProductState
Dim colItems, objFSO, objItem, objReg, objWMIService, wshShell
Dim strComputer, strLastBoot, strLastCheck, strLastDownload
Dim strLastInstall, strLB, strMsg, strProductName, strProductPath
Dim strRegKey, strProductVersion, strTmpMsg, strWUMsg
Const HKLM = &H80000002
blnWUOK = True
With WScript.Arguments
If .Named.Count > 0 Then
If .Named.Exists( "?" ) And .Named.Count = 1 Then
Syntax ""
Else
Syntax "Invalid command line switches"
End If
End If
If .Unnamed.Count > 1 Then
Syntax "Invalid number of command line arguments"
End If
If .Unnamed.Count = 1 Then
strComputer = UCase( .Unnamed(0) )
Else
strComputer = "."
End If
End With
Set objFSO = CreateObject( "Scripting.FileSystemObject" )
Set wshShell = CreateObject( "WScript.Shell" )
' First check the OS version: Vista (6.0) is the minimum required
Set objWMIService = GetObject( "winmgmts://" & strComputer & "/root/cimv2" )
Set colItems = objWMIService.ExecQuery( "Select * from Win32_OperatingSystem", , 48 )
For Each objItem in colItems
' Read and store date and time of last boot
strLB = Left( objItem.LastBootUpTime, 14 )
strLastBoot = Left( strLB, 4 ) & "-" & Mid( strLB, 5, 2 ) & "-" _
& Mid( strLB, 7, 2 ) & " " & Mid( strLB, 9, 2 ) & ":" _
& Mid( strLB, 11, 2 ) & ":" & Mid( strLB, 13, 2 )
' Read and check Windows version
arrOSVer = Split( objItem.Version, "." )
If arrOSVer(0) < 5 Then
Syntax "This script requires Windows Vista or later." & vbCrLf _
& vbtab & "OS version detected: " & objItem.Caption & " SP " _
& objItem.ServicePackMajorVersion & "." _
& objItem.ServicePackMinorVersion & "."
End If
If arrOSVer(0) < 6 Then
Syntax "SecStat2.vbs requires Windows Vista or later." & vbCrLf _
& vbtab & "OS version detected: " & objItem.Caption & " SP " _
& objItem.ServicePackMajorVersion & "." _
& objItem.ServicePackMinorVersion & vbCrLf _
& vbTab & "For Windows XP SP2 or SP3 use SecStat.vbs instead of SecStat2.vbs"
End If
Next
' Check if the computer is a domain member
Set colItems = objWMIService.ExecQuery( "Select * from Win32_ComputerSystem" )
For Each objItem in colItems
blnDomainMember = CBool( objItem.PartOfDomain )
Next
' Check if Windows Update service is running
Set colItems = objWMIService.ExecQuery( "Select * From Win32_Service Where Name='wuauserv'", , 48 )
For Each objItem in colItems
blnWUAUServ = ( objItem.State = "Running" )
Next
' Custom error handling is required, since many properties to be queried may be invalid for the installed security products
On Error Resume Next
' Connect to the local or remote SecurityCenter through WMI
Set objWMIService = GetObject( "winmgmts:{impersonationLevel=impersonate}!//" & strComputer & "/root/SecurityCenter2" )
If Err Then
If strComputer = "." Then
Syntax "Could not connect to SecurityCenter2"
Else
Syntax "Could not connect to SecurityCenter2 on " & strComputer
End If
End If
' Query the installed AntiVirus product
strMsg = vbCrLf & "AntiVirus:" & vbCrLf
If InStr( UCase( WScript.FullName ), "\CSCRIPT.EXE" ) Then strMsg = strMsg & "=========="
Set colItems = objWMIService.ExecQuery( "SELECT * FROM AntiVirusProduct" )
If Err Then
strMsg = strMsg & vbCrLf & "No AntiVirus product detected by WMI"
ElseIf colItems.Count = 0 Then
strMsg = strMsg & vbCrLf & "No AntiVirus product detected by WMI"
End If
For Each objItem in colItems
With objItem
strProductName = .displayName
strProductPath = wshShell.ExpandEnvironmentStrings( .pathToSignedProductExe )
strProductVersion = objFSO.GetFileVersion( strProductPath )
lngProductState = CLng( .productState )
strMsg = strMsg & vbCrLf & strProductName & ", Version " & strProductVersion
strTmpMsg = "Warning: unable to determine on-access scanning status!"
If ( lngProductState And &H001000& ) = &H001000& Then
strTmpMsg = "On-access scanning is enabled"
Else
strTmpMsg = "Warning: on-access scanning is disabled!"
End If
strMsg = strMsg & vbCrLf & strTmpMsg
strTmpMsg = "Warning: unable to determine whether virus definitions are up-to-date or not!"
If ( lngProductState And &H000010& ) = 0 Then
strTmpMsg = "Virus definitions are up-to-date"
Else
strTmpMsg = "Warning: virus definitions are NOT up-to-date!"
End If
strMsg = strMsg & vbCrLf & strTmpMsg
End With
strMsg = strMsg & vbCrLf
Next
' Query the installed AntiSpyware product
strMsg = strMsg & vbCrLf & "AntiSpyware:" & vbCrLf
If InStr( UCase( WScript.FullName ), "\CSCRIPT.EXE" ) Then strMsg = strMsg & "============"
Set colItems = objWMIService.ExecQuery( "SELECT * FROM AntiSpywareProduct" )
If Err Then
strMsg = strMsg & vbCrLf & "No AntiSpyware product detected by WMI"
ElseIf colItems.Count = 0 Then
strMsg = strMsg & vbCrLf & "No AntiSpyware product detected by WMI"
End If
For Each objItem in colItems
With objItem
strProductName = .displayName
strProductPath = wshShell.ExpandEnvironmentStrings( .pathToSignedProductExe )
strProductVersion = objFSO.GetFileVersion( strProductPath )
lngProductState = CLng( .productState )
strMsg = strMsg & vbCrLf & strProductName & ", Version " & strProductVersion
strTmpMsg = "Warning: unable to determine on-access scanning status!"
If ( lngProductState And &H001000& ) = &H001000& Then
strTmpMsg = "On-access scanning is enabled"
Else
strTmpMsg = "Warning: on-access scanning is disabled!"
End If
strMsg = strMsg & vbCrLf & strTmpMsg
strTmpMsg = "Warning: unable to determine whether malware definitions are up-to-date or not!"
If ( lngProductState And &H000010& ) = 0 Then
strTmpMsg = "Malware definitions are up-to-date"
Else
strTmpMsg = "Warning: malware definitions are NOT up-to-date!"
End If
strMsg = strMsg & vbCrLf & strTmpMsg
End With
strMsg = strMsg & vbCrLf
Next
' Query the installed Firewall product
strMsg = strMsg & vbCrLf & "Firewall:" & vbCrLf
If InStr( UCase( WScript.FullName ), "\CSCRIPT.EXE" ) Then strMsg = strMsg & "========="
Set colItems = objWMIService.ExecQuery( "SELECT * FROM FirewallProduct" )
If Err Then
strMsg = strMsg & vbCrLf & "No third party firewall detected by WMI"
ElseIf colItems.Count = 0 Then
strMsg = strMsg & vbCrLf & "No third party firewall detected by WMI"
End If
For Each objItem in colItems
With objItem
strProductName = .displayName
strProductVersion = objFSO.GetFileVersion( .pathToSignedProductExe )
lngProductState = CLng( .productState )
strMsg = strMsg & vbCrLf & strProductName & ", Version " & strProductVersion
strTmpMsg = "Warning: unable to determine whether third party firewall is enabled or not!"
If ( lngProductState And &H010000& ) = &H001000& Then
strTmpMsg = "Third party firewall is enabled"
Else
strTmpMsg = "Warning: third party firewall is disabled!"
End If
strMsg = strMsg & vbCrLf & strTmpMsg
End With
strMsg = strMsg & vbCrLf
Next
strRegKey = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\"
If blnDomainMember Then
strRegKey = strregkey & "DomainProfile"
Else
strRegKey = strregkey & "StandardProfile"
End If
strRegKey = strregkey & "\EnableFirewall"
blnWFwEnabled = ( wshShell.RegRead( strRegKey ) = 1 )
If Err Then
strTmpMsg = "Warning: unable to determine whether Windows Firewall is enabled or not!"
Else
If blnWFwEnabled Then
strTmpMsg = "Windows Firewall is enabled"
Else
strTmpMsg = "Warning: Windows Firewall is disabled!"
End If
End If
strMsg = strMsg & vbCrLf & strTmpMsg
strMsg = strMsg & vbCrLf & vbCrLf & "Windows Update:" & vbCrLf
If InStr( UCase( WScript.FullName ), "\CSCRIPT.EXE" ) Then strMsg = strMsg & "==============="
' Check if the Windows Update service is running
If blnWUAUServ Then
strMsg = strMsg & vbCrLf & "Windows Update Service is active"
Else
strMsg = strMsg & vbCrLf & "Warning: Windows Update Service NOT active!"
blnWUOK = False
End If
' Windows Update results are read from the registry
Set objReg = GetObject( "winmgmts:{impersonationLevel=impersonate}!//" & strComputer & "/root/default:StdRegProv" )
strRegKey = "SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\"
' Read the time and date of the last successful download
objReg.GetStringValue HKLM, strRegKey & "Download", "LastSuccessTime", strLastDownload
strWUMsg = vbCrLf & "Last Download : " & strLastDownload
' Convert the time and date string to a long integer
intLD = Left( strLastDownload, 10 )
intLD = Replace( IntLD, " ", "" )
intLD = Replace( intLD, "-", "" )
intLD = Replace( intLD, ":", "" )
intLD = CLng( intLD )
' Read the time and date of the last successful install
objReg.GetStringValue HKLM, strRegKey & "Install", "LastSuccessTime", strLastInstall
strWUMsg = strWUMsg & vbCrLf & "Last Install : " & strLastInstall
' Convert the time and date string to a long integer
intLI = Left( strLastInstall, 10 )
intLI = Replace( intLI, " ", "" )
intLI = Replace( intLI, "-", "" )
intLI = Replace( intLI, ":", "" )
intLI = CLng( intLI )
' Insert the line with the last reboot date and time
strWUMsg = strWUMsg & vbCrLf & "Last Reboot : " & strLastBoot
' Read the time and date of the last successful check for new updates
objReg.GetStringValue HKLM, strRegKey & "Detect", "LastSuccessTime", strLastCheck
strWUMsg = strWUMsg & vbCrLf & "Last Check : " & strLastCheck
' Convert the time and date string to a long integer
intLC = Left( strLastCheck, 10 )
dtmLastCheck = CDate( intLC )
On Error Goto 0
' WU check includes the following requirements:
' * Automatic Updates service must be running
' * last successful download must be BEFORE last successful install
' * last reboot must be AFTER last successful install
' * last check must be no more than 7 days ago
' If any of these tests fails, all intermediate results will be displayed,
' if all tests are passed, a brief summary will be displayed
If intLD > intLI Then
strWUMsg = strWUMsg & vbCrLf & "Warning: last install was unsuccessful!"
blnWUOK = False
End If
If DateDiff( "d", dtmLastCheck, Now ) > 7 Then
strWUMsg = strWUMsg & vbCrLf & "Warning: the last check was " & DateDiff( "d", dtmLastCheck, Now ) & " days ago!"
blnWUOK = False
End If
If CLng( Left( strLB, 8 ) ) < intLI Then
strWUMsg = strWUMsg & vbCrLf & "Warning: a reboot is required!"
blnWUOK = False
End If
' Forget the intermediate results if everything turns out OK
If blnWUOK Then strWUMsg = vbCrLf & "Windows Update reports: everything OK"
WScript.Echo strMsg & strWUMsg
Set objFSO = Nothing
Set objReg = Nothing
Set colItems = Nothing
Set objWMIService = Nothing
Set wshShell = Nothing
Sub Syntax( myMsg )
If myMsg <> "" Then
strMsg = vbcrlf & "Error:" & vbTab & myMsg & vbCrLf
Else
strMsg = ""
End If
strMsg = strMsg & vbCrLf _
& "SecStat2.vbs, Version 1.01 for Windows Vista and later" _
& vbCrLf _
& "Display a SecurityCenter2 and Windows Update status overview for any computer" _
& vbCrLf & vbCrLf _
& "Usage: " & vbTab & "SECSTAT.VBS" & vbTab & "[ computer ]" _
& vbCrLf & vbCrLf _
& "Where: " & vbTab & """computer""" & vbTab & "is an optional remote computer name" _
& vbCrLf _
& " " & vbTab & vbTab & vbTab & "(default is the local computer)" _
& vbCrLf & vbCrLf _
& "Credits:" & vbTab & "Inspired by a blog entry on neophob.com:" _
& vbCrLf _
& " " & vbTab & "http://neophob.com/2010/03/#post-154" _
& vbCrLf & vbCrLf _
& "Use WBEMTEST.EXE (or WMIGEN.HTA) to find all properties for specific products." _
& vbCrLf & vbCrLf _
& "Written by Rob van der Woude" _
& vbCrLf _
& "http://www.robvanderwoude.com"
WScript.Echo strMsg
WScript.Quit 1
End Sub
page last modified: 2024-04-16; loaded in 0.0107 seconds