The Procedure will look for Uncleaned Infection Files on your endpoint by the Comodo Firewall Component, So before you check/run the script on your endpoint, you should have installed the CCS on your endpoint.
Note:
Please ensure that the CCS (Comodo Client Security) is installed on your endpoint to take the script effectively
Please refer the URL to Install CCS - ITarian Forum - ITarian Forum
Please refer the URL to Execute the Monitoring Script - ITarian Forum - ITarian Forum
import os
import sys
def alert(arg):
sys.stderr.write("%d%d%d" % (arg, arg, arg))
def finduci():
p=os.path.join(os.environ['PROGRAMDATA'], 'Comodo', 'Firewall Pro', 'cisdata.sdb')
list=[]
if os.path.isfile(p):
import sqlite3
uc='SELECT * FROM UncleanedInfections'
c=sqlite3.connect(p)
op=c.cursor()
for i in op.execute(uc):
list.append(i[2])
return list
res=finduci()
if len(res)>0:
alert(1)
print '
The following Uncleaned-Infections are found at your endpoint
%s'%('
'.join(res))
else:
alert(0)
print '
No Uncleaned Infections Found :)'
Execution Log:
The script in JSON:
20170525-Alert-if-Uncleaned-Infections-are-detected-on-Endpoint—Custom-Monitor.json (1.07 KB)