Wdrussell1 / Log4Shell-Automated

This is an automated script to scan for Log4J vulnerabilities. This is based off of the Datto script.

Issue with servers running PowerShell 4 and earlier #2

Closed KebinPls closed 6 months ago

KebinPls commented 2 years ago

Mostly seen on servers running Windows 2012R2 and earlier.

PS C:\users\USER\desktop> .\test.ps1
Expand-Archive : The term 'Expand-Archive' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At C:\users\USER\desktop\test.ps1:30 char:1

Expand-Archive : The term 'Expand-Archive' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At C:\users\USER\desktop\test.ps1:31 char:1

Log4j/Log4Shell CVE-2021-44228 Scanning/Mitigation Tool (seagull/Datto)

It's stated that PowerShell 5.1 and newer support these cmdlets universally.

Wdrussell1 commented 2 years ago

I updated the extraction method; you should be able to update your script now. Please verify.

KebinPls commented 2 years ago

Seems like it can't extract the files because the folder path doesn't exist. Should it forcefully create these folders? I tried this on the latest build on Win10, I can try again on an old server tomorrow.

PS C:\temp> .\test.ps1
Exception calling "ExtractToDirectory" with "2" argument(s): "Could not find a part of the path 'C:\log4j\yara32.zip'."
At C:\temp\Test.ps1:32 char:1
+ [io.compression.zipfile]::ExtractToDirectory("C:\log4j\yara32.zip", " ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DirectoryNotFoundException

Exception calling "ExtractToDirectory" with "2" argument(s): "Could not find a part of the path 'C:\log4j\yara64.zip'."
At C:\temp\Test.ps1:33 char:1
+ [io.compression.zipfile]::ExtractToDirectory("C:\log4j\yara64.zip", " ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DirectoryNotFoundException

Log4j/Log4Shell CVE-2021-44228 Scanning/Mitigation Tool (seagull/Datto)
=======================================================================
- Log4j 2.10+ exploit mitigation (LOG4J_FORMAT_MSG_NO_LOOKUPS) already set.
- Scan scope: Fixed & Removable Drives
- Not downloading new YARA definitions.
! ERROR: yara32.exe not found. It needs to be in the same directory as the script.
  Download Yara from https://github.com/virustotal/yara/releases/latest and place them here.

Wdrussell1 commented 2 years ago

My fault, I have 3 different running versions of this script. I copied the wrong variables. Update and try again.
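The two failures in this thread (Expand-Archive missing on PowerShell 4 and earlier, and ExtractToDirectory failing because the archive was never written to a folder that did not exist) can be handled in one extraction helper. The following is an added example, not code from the Log4Shell-Automated repository or the Datto script; the function names, the work directory and the placeholder URL are assumptions.

```powershell
# Added example (not from the Log4Shell-Automated repo). Extracts a zip on any
# Windows PowerShell version and creates the working folder before downloading,
# so neither failure seen in this issue occurs. Names and paths are hypothetical.
function Expand-ZipCompat {
    param(
        [Parameter(Mandatory=$true)][string]$ZipPath,
        [Parameter(Mandatory=$true)][string]$Destination
    )
    # Fail with a readable message instead of the raw MethodInvocationException
    # from the issue, which fired because the archive itself was not there.
    if (-not (Test-Path -LiteralPath $ZipPath -PathType Leaf)) {
        throw "Archive not found: $ZipPath (was the download folder created first?)"
    }
    if (-not (Test-Path -LiteralPath $Destination -PathType Container)) {
        New-Item -ItemType Directory -Path $Destination -Force | Out-Null
    }
    if (Get-Command Expand-Archive -ErrorAction SilentlyContinue) {
        # PowerShell 5.1 and newer ship Microsoft.PowerShell.Archive; -Force overwrites.
        Expand-Archive -LiteralPath $ZipPath -DestinationPath $Destination -Force
    } else {
        # PowerShell 4 and earlier (e.g. Server 2012 R2): use the .NET 4.5 ZipFile class.
        # Note: ExtractToDirectory throws if a target file already exists, so extract
        # into a fresh directory rather than over a previous run.
        Add-Type -AssemblyName System.IO.Compression.FileSystem
        [System.IO.Compression.ZipFile]::ExtractToDirectory($ZipPath, $Destination)
    }
}

function Get-AndExpandZip {
    param(
        [Parameter(Mandatory=$true)][string]$Url,
        [Parameter(Mandatory=$true)][string]$WorkDir,
        [Parameter(Mandatory=$true)][string]$FileName
    )
    # Invoke-WebRequest -OutFile does not create missing parent folders; make the
    # working directory first so the download actually lands where we extract from.
    if (-not (Test-Path -LiteralPath $WorkDir -PathType Container)) {
        New-Item -ItemType Directory -Path $WorkDir -Force | Out-Null
    }
    # Older hosts default to TLS 1.0; GitHub requires TLS 1.2 for the download.
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
    $zip = Join-Path $WorkDir $FileName
    Invoke-WebRequest -Uri $Url -OutFile $zip -UseBasicParsing
    Expand-ZipCompat -ZipPath $zip -Destination (Join-Path $WorkDir 'extracted')
}

# Hypothetical usage; the URL is a placeholder, not a real release asset.
# Get-AndExpandZip -Url 'https://example.invalid/yara32.zip' -WorkDir 'C:\log4j' -FileName 'yara32.zip'
```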