What are the different sql queries which can help in fetching installed antivirus information ? 1 query i know which tells antivirus name ( as shown in the code below ).what are the other information which we can fetch using wql queries?
string wmipathstr = @"\\" + Environment.MachineName + @"\root\SecurityCenter2";
Console.WriteLine(Environment.MachineName );
var searcher = new ManagementObjectSearcher(wmipathstr, "SELECT * FROM AntivirusProduct");
foreach (var instances in searcher.Get())
{
Console.WriteLine(instances.GetPropertyValue("displayName"));
}
Console.Read();
This article shows a few more of the fields that should exist:
companyName
displayName
instanceGuid
onAccessScanningEnabled
pathToSignedProductExe
productHasNotifiedUser
productState
productUptoDate
productWantsWscNotifications
versionNumber
I'm guessing productState would be your 'whether it's on or off'.
Update: I believe you can use WscGetSecurityProviderHealth to get whether of not it's on instead, if that's all you're looking for.