Parse KVRT report to create human readable log
parent
f371a4cb83
commit
9d76502421
1 changed files with 44 additions and 1 deletions
|
|
@ -10,6 +10,7 @@ import sys
|
|||
import time
|
||||
|
||||
from subprocess import CalledProcessError, DEVNULL
|
||||
from xml.dom.minidom import parse as xml_parse
|
||||
|
||||
from wk.cfg.main import KIT_NAME_FULL, KIT_NAME_SHORT, WINDOWS_TIME_ZONE
|
||||
from wk.cfg.repairs import (
|
||||
|
|
@ -992,6 +993,47 @@ def delete_registry_null_keys():
|
|||
run_tool('RegDelNull', 'RegDelNull', '-s', '-y', download=True)
|
||||
|
||||
|
||||
def log_kvrt_results(log_path, report_path):
|
||||
"""Parse KVRT report and log results in plain text."""
|
||||
log_text = ''
|
||||
report_file = None
|
||||
|
||||
# Get latest KVRT report
|
||||
for item in reversed(sorted(report_path.iterdir())):
|
||||
if item.name.startswith('report'):
|
||||
report_file = item
|
||||
break
|
||||
if not report_file:
|
||||
log_path.write_text('Failed to find KVRT report.', encoding='utf-8')
|
||||
return
|
||||
|
||||
# Parse report
|
||||
dom_document = xml_parse(str(report_file))
|
||||
block_elements = dom_document.getElementsByTagName('Block0')
|
||||
if not block_elements:
|
||||
log_path.write_text('Failed to parse KVRT report.', encoding='utf-8')
|
||||
return
|
||||
attributes = block_elements[0].attributes
|
||||
events = block_elements[0].getElementsByTagName('*')
|
||||
|
||||
# Log summary
|
||||
for key, value in attributes.items():
|
||||
log_text += f'{key+":":<14} {value}\n'
|
||||
|
||||
# Log quarantined items
|
||||
quarantined_items = []
|
||||
for event in events:
|
||||
if not event.getAttribute('Action') == 'Quarantined':
|
||||
continue
|
||||
quarantined_items.append(event.getAttribute('Object'))
|
||||
if quarantined_items:
|
||||
log_text += '\nQuarantined Items:\n'
|
||||
log_text += '\n'.join(quarantined_items)
|
||||
|
||||
# Done
|
||||
log_path.write_text(log_text, encoding='utf-8')
|
||||
|
||||
|
||||
def run_adwcleaner():
|
||||
"""Run AdwCleaner."""
|
||||
settings_path = get_tool_path('AdwCleaner', 'AdwCleaner', check=False)
|
||||
|
|
@ -1059,11 +1101,12 @@ def run_kvrt():
|
|||
run_program(cmd, check=False)
|
||||
sleep(1)
|
||||
wait_for_procs('KVRT.exe')
|
||||
log_kvrt_results(log_path, report_path)
|
||||
return
|
||||
|
||||
# Run in background
|
||||
proc = run_tool('KVRT', 'KVRT', *cmd_args, download=True)
|
||||
log_path.write_text(proc.stdout, encoding='utf-8')
|
||||
log_kvrt_results(log_path, report_path)
|
||||
|
||||
|
||||
def run_microsoft_defender(full=True):
|
||||
|
|
|
|||
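Review bot: In `log_kvrt_results`, neither `report_path.iterdir()` nor `xml_parse(str(report_file))` is guarded. A missing reports directory raises OSError and a truncated or non-XML report raises ExpatError, and as far as the hunks show, both would propagate into `run_kvrt` instead of producing one of the "Failed to ..." messages the function already writes. I would wrap the parse as `try: dom_document = xml_parse(str(report_file))` followed by `except (OSError, ExpatError):`, writing 'Failed to parse KVRT report.' in the handler, with `from xml.parsers.expat import ExpatError` next to the minidom import; the directory scan needs the same guard. The report is read from a machine that is being cleaned, and minidom is not hardened against entity-expansion input, so a comment such as `# report is assumed to be written by KVRT itself; minidom is not safe for untrusted XML` would record that assumption. The item list also keeps only events whose `Action` is 'Quarantined', so a detection recorded with any other action would be missing from the log and the result could read as clean. If KVRT emits such events, they should be listed too, or the omission should be noted in the docstring.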