检查C#中的防病毒状态

时间:2011-01-20 17:34:34

标签: c# windows-server-2008 windows-server-2003 antivirus

我需要检查一组服务器,看看反病毒是否是最新的并且正在运行。棘手的是它们分布在Windows 2003和2008服务器上,我需要能够检查它们。

有没有办法用C#或VB.NET这样做?

我简要介绍过使用WMI,但它出现在2008 / win7计算机上微软已经改变了他们给你的信息。

总之,我需要以下内容:

  • AV名称
  • AV版
  • AV最新
  • AV已启用/正在运行

有人可以帮忙吗?

2 个答案:

答案 0 :(得分:3)

如您所述,可以使用WMI找到示例here。海报说这是在Win 7机器上完成的;所以下面的代码应该让你开始... 

ConnectionOptions _connectionOptions = new ConnectionOptions();
//Not required while checking it in local machine.
//For remote machines you need to provide the credentials
//options.Username = "";
//options.Password = "";
_connectionOptions.EnablePrivileges = true;
_connectionOptions.Impersonation = ImpersonationLevel.Impersonate;
//Connecting to SecurityCenter2 node for querying security details
ManagementScope _managementScope = new ManagementScope(string.Format("\\\\{0}\\root\\SecurityCenter2", ipAddress), _connectionOptions);
_managementScope.Connect();
//Querying
ObjectQuery _objectQuery = new ObjectQuery("SELECT * FROM AntivirusProduct");
ManagementObjectSearcher _managementObjectSearcher =
    new ManagementObjectSearcher(_managementScope, _objectQuery);
ManagementObjectCollection _managementObjectCollection = _managementObjectSearcher.Get();
if (_managementObjectCollection.Count > 0)
{
    foreach (ManagementObject item in _managementObjectCollection)
    {
        Console.WriteLine(item["displayName"]);
        //For Kaspersky AntiVirus, I am getting a null reference here.
        //Console.WriteLine(item["productUptoDate"]);

        //If the value of ProductState is 266240 or 262144, its an updated one.
        Console.WriteLine(item["productState"]);
    }
}

答案 1 :(得分:3)

根据您的环境设置方式,您可能需要指定安全性和权限。您还应注意某些防病毒产品(如McAfee)无法通过WMI提供数据

您可以使用以下代码段从WMI查询防病毒信息:

string computer = Environment.MachineName;  
string wmipath = @"\\" + computer + @"\root\SecurityCenter";  
string query = @"SELECT * FROM AntivirusProduct";

ManagementObjectSearcher searcher = new ManagementObjectSearcher(wmipath, query);  
ManagementObjectCollection results = searcher.Get();

foreach (ManagementObject result in results)  
{  
    // do something with `result[value]`);
}
相关问题
最新问题