在 C# 中检查防病毒状态

发布于 2024-10-13 05:11:18 字数 309 浏览 8 评论 0原文

我需要检查一组服务器以查看防病毒软件是否是最新的并且正在运行。棘手的是,它们分布在 Windows 2003 和 2008 服务器上,我需要能够检查所有这些。

有没有办法用 C# 或 VB.NET 来做到这一点?

我简单地浏览了一下 WMI 的使用情况,但在 2008/win7 计算机上 Microsoft 似乎更改了他们返回给您的信息。

总之,我需要以下信息:

  • AV 名称
  • AV 版本
  • AV 最新
  • AV 已启用/正在运行

有人可以帮忙吗?

I need to check a group of servers to see whether the anti virus is up-to-date and running. Tricky thing is that they are spread over Windows 2003 and 2008 servers and I need to be able to check them all.

Is there any way of doing this with C# or VB.NET?

I have briefly looked around using WMI, but it appears on 2008/win7 computers Microsoft has changed what information they give back to you.

In summary, I need the following:

  • AV name
  • AV version
  • AV Up-to-Date
  • AV Enabled/Running

Can anyone help?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

呆头 2024-10-20 05:11:18

示例可以在此处 正如您提到的使用 WMI。海报指出这是在 Win 7 机器上完成的;所以下面的代码应该可以帮助您开始......

ConnectionOptions _connectionOptions = new ConnectionOptions();
//Not required while checking it in local machine.
//For remote machines you need to provide the credentials
//options.Username = "";
//options.Password = "";
_connectionOptions.EnablePrivileges = true;
_connectionOptions.Impersonation = ImpersonationLevel.Impersonate;
//Connecting to SecurityCenter2 node for querying security details
ManagementScope _managementScope = new ManagementScope(string.Format("\\\\{0}\\root\\SecurityCenter2", ipAddress), _connectionOptions);
_managementScope.Connect();
//Querying
ObjectQuery _objectQuery = new ObjectQuery("SELECT * FROM AntivirusProduct");
ManagementObjectSearcher _managementObjectSearcher =
    new ManagementObjectSearcher(_managementScope, _objectQuery);
ManagementObjectCollection _managementObjectCollection = _managementObjectSearcher.Get();
if (_managementObjectCollection.Count > 0)
{
    foreach (ManagementObject item in _managementObjectCollection)
    {
        Console.WriteLine(item["displayName"]);
        //For Kaspersky AntiVirus, I am getting a null reference here.
        //Console.WriteLine(item["productUptoDate"]);

        //If the value of ProductState is 266240 or 262144, its an updated one.
        Console.WriteLine(item["productState"]);
    }
}

Sample can be found here using WMI as you mentioned. The poster states this is being done on a Win 7 machine; so the code below should get you started...

ConnectionOptions _connectionOptions = new ConnectionOptions();
//Not required while checking it in local machine.
//For remote machines you need to provide the credentials
//options.Username = "";
//options.Password = "";
_connectionOptions.EnablePrivileges = true;
_connectionOptions.Impersonation = ImpersonationLevel.Impersonate;
//Connecting to SecurityCenter2 node for querying security details
ManagementScope _managementScope = new ManagementScope(string.Format("\\\\{0}\\root\\SecurityCenter2", ipAddress), _connectionOptions);
_managementScope.Connect();
//Querying
ObjectQuery _objectQuery = new ObjectQuery("SELECT * FROM AntivirusProduct");
ManagementObjectSearcher _managementObjectSearcher =
    new ManagementObjectSearcher(_managementScope, _objectQuery);
ManagementObjectCollection _managementObjectCollection = _managementObjectSearcher.Get();
if (_managementObjectCollection.Count > 0)
{
    foreach (ManagementObject item in _managementObjectCollection)
    {
        Console.WriteLine(item["displayName"]);
        //For Kaspersky AntiVirus, I am getting a null reference here.
        //Console.WriteLine(item["productUptoDate"]);

        //If the value of ProductState is 266240 or 262144, its an updated one.
        Console.WriteLine(item["productState"]);
    }
}
不…忘初心 2024-10-20 05:11:18

根据您的环境设置方式,您可能需要指定您的安全性和权限。您还应该注意,某些防病毒产品(例如 McAfee)不通过 WMI 提供数据

您可以使用以下代码片段从 WMI 查询防病毒信息:

string computer = Environment.MachineName;  
string wmipath = @"\\" + computer + @"\root\SecurityCenter";  
string query = @"SELECT * FROM AntivirusProduct";

ManagementObjectSearcher searcher = new ManagementObjectSearcher(wmipath, query);  
ManagementObjectCollection results = searcher.Get();

foreach (ManagementObject result in results)  
{  
    // do something with `result[value]`);
}

Depending on how your environment is setup you may need to specify your security and permissions. You should also note that some antivirus products (like McAfee) do not make data available through WMI.

You can query the Antivirus information from WMI using this snippet:

string computer = Environment.MachineName;  
string wmipath = @"\\" + computer + @"\root\SecurityCenter";  
string query = @"SELECT * FROM AntivirusProduct";

ManagementObjectSearcher searcher = new ManagementObjectSearcher(wmipath, query);  
ManagementObjectCollection results = searcher.Get();

foreach (ManagementObject result in results)  
{  
    // do something with `result[value]`);
}
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文