Photo by Digital Buggu on


It is crucial to have Antivirus definitions updated on your home computer or servers. But these antivirus clients stop working every now & then.

Most of the organization would have a separate team monitoring antiviruses but It is the responsibility of service owner to monitor their own servers as well. This script will help you there.

I had a script collected from somewhere few years back, I re-purposed it to look for CB Defense Antivirus Definition, You can use this script and it’s concept to find antivirus version for many different type of server.


You can either download it from One Drive Link or paste content of respective content to CarbonBlackDefinition.ps1 & Server.txt

Obviously, type your server names in server.txt.

GitHub Link


You copy content of script here. There are only 2 files, Save them in CB folder on your desktop and name them as above screenshot.


$report = "CarbonBlack.htm" 
Function writeHtmlHeader  
$date = ( get-date ).ToString('yyyy/MM/dd')  
Add-Content $fileName "<html>" 
Add-Content $fileName "<head>" 
Add-Content $fileName "<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'>" 
Add-Content $fileName '<title>CarbonBlack Antivirus Report</title>' 
add-content $fileName '<STYLE TYPE="text/css">' 
add-content $fileName  "<!--" 
add-content $fileName  "td {" 
add-content $fileName  "font-family: Tahoma;" 
add-content $fileName  "font-size: 11px;" 
add-content $fileName  "border-top: 1px solid #999999;" 
add-content $fileName  "border-right: 1px solid #999999;" 
add-content $fileName  "border-bottom: 1px solid #999999;" 
add-content $fileName  "border-left: 1px solid #999999;" 
add-content $fileName  "padding-top: 0px;" 
add-content $fileName  "padding-right: 0px;" 
add-content $fileName  "padding-bottom: 0px;" 
add-content $fileName  "padding-left: 0px;" 
add-content $fileName  "}" 
add-content $fileName  "body {" 
add-content $fileName  "margin-left: 5px;" 
add-content $fileName  "margin-top: 5px;" 
add-content $fileName  "margin-right: 0px;" 
add-content $fileName  "margin-bottom: 10px;"
add-content $fileName  "" 
add-content $fileName  "table {" 
add-content $fileName  "border: thin solid #000000;" 
add-content $fileName  "}" 
add-content $fileName  "-->" 
add-content $fileName  "</style>" 
Add-Content $fileName "</head>" 
Add-Content $fileName "<body>" 
add-content $fileName  "<table width='85%'>" 
add-content $fileName  "<tr bgcolor='#CCCCCC'>" 
add-content $fileName  "<td colspan='7' height='25' align='center'>" 
add-content $fileName  "<font face='Tahoma' color='#003399' size='4'><strong>CarbonBlack Antivirus Report - $date</strong></font>" 
add-content $fileName  "</td>" 
add-content $fileName  "</tr>" 
add-content $fileName  "</table>" 

writeHtmlHeader $report

#Declaring the variable for Header's backgroundcolor
$color = '#5D86B0'

# Function to write the HTML Header to the file 

Function writeTableHeader1 
add-Content $fileName "<table width ='85%'>"
Add-Content $fileName "<tr bgcolor= $color>" 
add-content $fileName "<td width='10%' align='center'><strong>ServerName</strong></td>"

add-content $fileName "<td width='10%' align='center'><strong>CBDefenseAvLastUpdate</strong></td>" 
Add-Content $fileName "</tr>"
writetableheader1 $report

$File = get-content "$Home\Desktop\CB\servers.txt"
foreach ($line in $file)

$ServerName = $line

#Continue the script even if an error happens
 trap [Exception] {continue}
$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey("LocalMachine",$ServerName)
$DefsReg = "SYSTEM\CurrentControlSet\Services\CbDefense\Scanner"

# Obtain Pattern File Date Value
$AVRegKey = $reg.opensubkey($DefsReg)
$AVPatternFileDate = $AVRegKey.GetValue('SnaiUpdateTime')
# Convert epoch to readable date
$origin = New-Object -Type DateTime -ArgumentList 1970, 1, 1, 0, 0, 0, 0
$CBDefenseAvLastUpdate = $origin.AddSeconds($AVPatternFileDate)

$a = "<style>"
$a = $a + "BODY{background-color:peachpuff;}"
$a = $a + "TABLE{border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}"
$a = $a + "TH{border-width: 1px;padding: 0px;border-style: solid;border-color: black;}"
$a = $a + "TD{border-width: 1px;padding: 0px;border-style: solid;border-color: black;}"
$a = $a + "</style>"

$MYObject = “” | Select-Object ServerName, CBDefenseAvLastUpdate
$MYObject.ServerName = $ServerName
$MYObject.CBDefenseAvLastUpdate = $CBDefenseAvLastUpdate

Add-Content $report "<td bgcolor = '#C0C0C0' align='center'>$ServerName</td>"
Add-Content $report "<td bgcolor = '#C0C0C0' align='center'>$CBDefenseAvLastUpdate</td>"
Add-Content $report "</tr>"


Function writeHtmlFooter  
 Add-Content $fileName "</body>" 
 Add-Content $fileName "</html>" 
writeHtmlFooter $report



Output of script

Output will be written to CarbonBlack.htm file. You can send this via email or push this to sharepoint or internal portal.

Thank you for reading !