(imported topic written by SystemAdmin)
I am trying to retrieve the Virus DAT date for Symantec SEP 12.
The registry key is “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV”
With a binary Value of “PatternFileDate” equal to 2b 03 05 00 …
I’ve been able to pull that and convert it to a useful value except it drops the leading zero.
I can make it more readable by concating “/” between the values, but I prefer the results to be like previous versions of SEP.
Here is what the following returns: 201345 - I want it to be 20130405
if (exists key “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV” of registry) and (exists value “PatternFileDate” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV” of registry) then (hexadecimal integer(first 2 of (value “PatternFileDate” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV” of registry as string))+ 1970 ) as string & (hexadecimal integer(last 2 of first 4 of(value “PatternFileDate” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV” of registry as string))+1) as string & (hexadecimal integer(last 2 of first 6 of(value “PatternFileDate” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\AV” of registry as string))) as string else “Not Installed”
Is there a way to add in the leading zero, or if there is a better way of getting the info I am open to that as well.
Thanks