Parse KVRT report to create human readable log

2023-02-04 17:22:00 -08:00 · 2023-02-04 17:22:00 -08:00 · 9d76502421
commit 9d76502421
parent f371a4cb83
1 changed files with 44 additions and 1 deletions
--- a/scripts/wk/repairs/win.py
+++ b/scripts/wk/repairs/win.py
@ -10,6 +10,7 @@ import sys
 import time
 from subprocess       import CalledProcessError, DEVNULL
 from xml.dom.minidom  import parse as xml_parse
 from wk.cfg.main      import KIT_NAME_FULL, KIT_NAME_SHORT, WINDOWS_TIME_ZONE
 from wk.cfg.repairs   import (
@ -992,6 +993,47 @@ def delete_registry_null_keys():
  run_tool('RegDelNull', 'RegDelNull', '-s', '-y', download=True)
 def log_kvrt_results(log_path, report_path):
  """Parse KVRT report and log results in plain text."""
  log_text = ''
  report_file = None
  # Get latest KVRT report
  for item in reversed(sorted(report_path.iterdir())):
    if item.name.startswith('report'):
      report_file = item
      break
  if not report_file:
    log_path.write_text('Failed to find KVRT report.', encoding='utf-8')
    return
  # Parse report
  dom_document = xml_parse(str(report_file))
  block_elements = dom_document.getElementsByTagName('Block0')
  if not block_elements:
    log_path.write_text('Failed to parse KVRT report.', encoding='utf-8')
    return
  attributes = block_elements[0].attributes
  events = block_elements[0].getElementsByTagName('*')
  # Log summary
  for key, value in attributes.items():
    log_text += f'{key+":":<14} {value}\n'
  # Log quarantined items
  quarantined_items = []
  for event in events:
    if not event.getAttribute('Action') == 'Quarantined':
      continue
    quarantined_items.append(event.getAttribute('Object'))
  if quarantined_items:
    log_text += '\nQuarantined Items:\n'
  log_text += '\n'.join(quarantined_items)
  # Done
  log_path.write_text(log_text, encoding='utf-8')
 def run_adwcleaner():
  """Run AdwCleaner."""
  settings_path = get_tool_path('AdwCleaner', 'AdwCleaner', check=False)
@ -1059,11 +1101,12 @@ def run_kvrt():
    run_program(cmd, check=False)
    sleep(1)
    wait_for_procs('KVRT.exe')
    log_kvrt_results(log_path, report_path)
    return
  # Run in background
  proc = run_tool('KVRT', 'KVRT', *cmd_args, download=True)
-  log_path.write_text(proc.stdout, encoding='utf-8')
+  log_kvrt_results(log_path, report_path)
 def run_microsoft_defender(full=True):