使用 C# 在 Windows 上检测杀毒软件 [英] Detect Antivirus on Windows using C#

问题描述

有没有办法用C#检测机器上是否安装了杀毒软件?我知道安全中心检测到防病毒软件，但您如何在 C# 中检测到它?

Is there a way to detect whether there is an antivirus software installed in a machine using C#? I know the Security Center detects antivirus software but how can you detect that in C#?

推荐答案

根据 Microsoft 的说法，Windows 安全中心使用两层方法检测状态.一层是手动的，另一层是通过 Windows Management Instrumentation (WMI) 自动完成的.在手动检测模式下，Windows 安全中心会搜索由独立软件制造商提供给 Microsoft 的注册表项和文件.这些注册表项和文件让 Windows 安全中心检测独立软件的状态.在 WMI 模式下，软件制造商确定他们自己的产品状态并通过 WMI 提供程序将该状态报告回 Windows 安全中心.在这两种模式下，Windows 安全中心都会尝试确定以下情况是否为真:

According to Microsoft, The Windows Security Center uses a two-tiered approach for detection status. One tier is manual, and the other tier is automatic through Windows Management Instrumentation (WMI). In manual detection mode, Windows Security Center searches for registry keys and files that are provided to Microsoft by independent software manufacturers. These registry keys and files let Windows Security Center detect the status of independent software. In WMI mode, software manufacturers determine their own product status and report that status back to Windows Security Center through a WMI provider. In both modes, Windows Security Center tries to determine whether the following is true:

存在防病毒程序.

防病毒签名是最新的.

为防病毒程序开启实时扫描或按访问扫描.

Real-time scanning or on-access scanning is turned on for antivirus programs.

对于防火墙，Windows 安全中心会检测是否安装了第三方防火墙以及防火墙是否打开.

For firewalls, Windows Security Center detects whether a third-party firewall is installed and whether the firewall is turned on or not.

因此，为了确定防病毒软件的存在，您可以使用 WMI 连接到 rootSecurityCenter 命名空间(从 Windows Vista 开始，您必须使用 rootSecurityCenter2 命名空间)，然后查询 AntiVirusProduct WMI 类.

So in order to determine the presence of an antivirus software, you can use the WMI making a connection to the rootSecurityCenter namespace (starting with windows Vista you must use the rootSecurityCenter2 namespace), and then query for the AntiVirusProduct WMI class.

看看这个示例代码

using System;
using System.Text;
using System.Management;

namespace ConsoleApplication1
{
  class Program
  {
    public static bool AntivirusInstalled()
    {

      string wmipathstr = @"\" + Environment.MachineName + @"
ootSecurityCenter";
      try
      {
        ManagementObjectSearcher searcher = new ManagementObjectSearcher(wmipathstr, "SELECT * FROM AntivirusProduct");
        ManagementObjectCollection instances = searcher.Get();
        return instances.Count > 0;
      }

      catch (Exception e)
      {
        Console.WriteLine(e.Message);
      }

      return false;
    } 

    public static void Main(string[] args)
    {
      bool returnCode = AntivirusInstalled();
      Console.WriteLine("Antivirus Installed " + returnCode.ToString());
      Console.WriteLine();
      Console.Read();
    }

  }
}

这篇关于使用 C# 在 Windows 上检测杀毒软件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！