From 04b2c1c9d9839e9a32742a89ac048d06849877fc Mon Sep 17 00:00:00 2001
From: 2Shirt <2xShirt@gmail.com>
Date: Sat, 1 May 2021 19:14:32 -0600
Subject: [PATCH] Add Microsoft Defender sections

---
 scripts/auto_repairs.py | 2 +-
 scripts/wk/repairs/win.py | 49 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 50 insertions(+), 1 deletion(-)

diff --git a/scripts/auto_repairs.py b/scripts/auto_repairs.py
index d199d918..381ea729 100644
--- a/scripts/auto_repairs.py
+++ b/scripts/auto_repairs.py
@@ -77,7 +77,7 @@ BASE_MENUS = {
 MenuEntry('BleachBit', 'auto_bleachbit'),
 MenuEntry('HitmanPro', 'auto_hitmanpro'),
 MenuEntry('KVRT', 'auto_kvrt'),
- MenuEntry('Windows Defender', placeholder_function),
+ MenuEntry('Windows Defender', 'auto_microsoft_defender'),
 MenuEntry('Reboot', 'auto_reboot'),
 ),
 'Manual Steps': (
diff --git a/scripts/wk/repairs/win.py b/scripts/wk/repairs/win.py
index d77d19d1..b054eb85 100644
--- a/scripts/wk/repairs/win.py
+++ b/scripts/wk/repairs/win.py
@@ -634,6 +634,14 @@ def auto_kvrt(group, name):
 save_settings(group, name, result=result)


+def auto_microsoft_defender(group, name):
+ """Run Microsoft Defender scan."""
+ result = TRY_PRINT.run(
+ 'Microsoft Defender...', run_microsoft_defender, msg_good='DONE',
+ )
+ save_settings(group, name, result=result)
+
+
 def auto_reboot(group, name):
 """Reboot the system."""
 save_settings(group, name, done=True, failed=False, message='DONE')
@@ -797,6 +805,47 @@ def run_kvrt():
 log_path.write_text(proc.stdout)


+def run_microsoft_defender(full=True):
+ """Run Microsoft Defender scan."""
+ reg_key = r'Software\Microsoft\Windows Defender'
+
+ def _get_defender_path():
+ install_path = reg_read_value('HKLM', reg_key, 'InstallLocation')
+ return fr'{install_path}\MpCmdRun.exe'
+
+ log_path = format_log_path(
+ log_name='Microsoft Defender', timestamp=True, tool=True,
+ )
+ log_path.parent.mkdir(parents=True, exist_ok=True)
+
+ # Get MS Defender status
+ ## NOTE: disabled may be set to an int instead of bool
+ ## This is fine because we're just checking if it's enabled.
+ disabled = bool(reg_read_value('HKLM', reg_key, 'DisableAntiSpyware'))
+ disabled = disabled or reg_read_value('HKLM', reg_key, 'DisableAntiVirus')
+ passive_mode = reg_read_value('HKLM', reg_key, 'PassiveMode') == 2
+ if disabled and not passive_mode:
+ raise GenericError('Defender is disabled.')
+
+ # Update signatures
+ defender_path = _get_defender_path()
+ cmd = (defender_path, '-SignatureUpdate')
+ proc = run_program(cmd, check=False)
+ sleep(2)
+ if proc.returncode > 0:
+ LOG.warning('Failed to update Defender signatures')
+
+ # Update defender path in case it changed after the update
+ defender_path = _get_defender_path()
+
+ # Run scan
+ cmd = (defender_path, '-Scan', '-ScanType', '2' if full else '1')
+ proc = run_program(cmd, check=False)
+ log_path.write_text(proc.stdout)
+ if proc.returncode > 0:
+ raise GenericError('Failed to run scan or clean items.')
+
+
 def run_rkill():
 """Run RKill scan."""
 log_path = format_log_path(log_name='RKill', timestamp=True, tool=True)
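Review bot: The disabled check in `run_microsoft_defender` reads `DisableAntiSpyware` and `DisableAntiVirus` only under `Software\Microsoft\Windows Defender`, while the Group Policy setting that turns Defender off is stored under `Software\Policies\Microsoft\Windows Defender`, so a policy-disabled (possibly tampered) Defender would probably not raise 'Defender is disabled.' and would show up only as the generic scan failure. Consider also checking the policy key, e.g. `disabled = disabled or bool(reg_read_value('HKLM', r'Software\Policies\Microsoft\Windows Defender', 'DisableAntiSpyware'))`, assuming `reg_read_value` tolerates a missing key or value (its behaviour is not visible in this hunk). Separately, `_get_defender_path()` builds the executable path from the `InstallLocation` registry value and it is run without any check; on a machine being cleaned it is worth confirming the file exists and logging the resolved path before executing it, which also avoids running a path built from an empty value. A failed `-SignatureUpdate` is only logged via `LOG.warning`, so the scan can still end as 'DONE' on stale signatures; carrying that into the saved result would make the outcome clearer to the technician.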