使用C＃检测防病毒在Windows [英] Detect Antivirus on Windows using C#

问题描述

有没有一种方法来检测是否有安装在使用C＃的计算机防病毒软件？我知道安全中心检测到防病毒软件，但你怎么能检测到在C＃？

Is there a way to detect whether there is an antivirus software installed in a machine using C#? I know the Security Center detects antivirus software but how can you detect that in C#?

一个链接就足够了。 ：D

A link would be sufficient. :D

感谢

推荐答案

据微软称，Windows安全中心用来检测状态两个层次的方法。一层是手动的，而另一个层通过Windows管理工具（WMI）是自动的。在手动检测模式下，Windows安全中心搜索独立软件制造商提供给Microsoft的注册表项和文件。这些注册表项和文件让Windows安全中心检测独立软件的状态。在WMI模式下，软件制造商确定自己的产品状态，并通过WMI提供程序报告状态返回到Windows安全中心。在这两种模式下，Windows安全中心将尝试确定以下是否是真实的：

According to Microsoft, The Windows Security Center uses a two-tiered approach for detection status. One tier is manual, and the other tier is automatic through Windows Management Instrumentation (WMI). In manual detection mode, Windows Security Center searches for registry keys and files that are provided to Microsoft by independent software manufacturers. These registry keys and files let Windows Security Center detect the status of independent software. In WMI mode, software manufacturers determine their own product status and report that status back to Windows Security Center through a WMI provider. In both modes, Windows Security Center tries to determine whether the following is true:

这是防病毒程序是present。

An antivirus program is present.

防病毒签名是最新的。

实时扫描或按访问扫描防病毒程序打开。

Real-time scanning or on-access scanning is turned on for antivirus programs.

有关防火墙，Windows安全中心检测是否安装了第三方防火墙和防火墙是否打开或没有。

For firewalls, Windows Security Center detects whether a third-party firewall is installed and whether the firewall is turned on or not.

因此​​，为了确定一个杀毒软件presence，您可以使用WMI制作的根\\安全中心命名空间（从Windows Vista开始的连接您必须使用根\\ SecurityCenter2 命名空间），然后查询为 AntiVirusProduct WMI类。

So in order to determine the presence of an antivirus software, you can use the WMI making a connection to the root\SecurityCenter namespace (starting with windows Vista you must use the root\SecurityCenter2 namespace), and then query for the AntiVirusProduct WMI class.

看这个样本code

using System;
using System.Text;
using System.Management;

namespace ConsoleApplication1
{
  class Program
  {
    public static bool AntivirusInstalled()
    {

      string wmipathstr = @"\\" + Environment.MachineName + @"\root\SecurityCenter";
      try
      {
        ManagementObjectSearcher searcher = new ManagementObjectSearcher(wmipathstr, "SELECT * FROM AntivirusProduct");
        ManagementObjectCollection instances = searcher.Get();
        return instances.Count > 0;
      }

      catch (Exception e)
      {
        Console.WriteLine(e.Message);
      }

      return false;
    } 

    public static void Main(string[] args)
    {
      bool returnCode = AntivirusInstalled();
      Console.WriteLine("Antivirus Installed " + returnCode.ToString());
      Console.WriteLine();
      Console.Read();
    }

  }
}

这篇关于使用C＃检测防病毒在Windows的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！