Is it possible at all to query (WMI?) the virus defnintions date of definitions installed on remote computers? I'd like to start specificially with Symantec Endpoint Protection, and then branch out to other antivirus products.
This is a WinForms, .NET project.
Symantec Endpoint Protection
There is no common library in use on operating systems to tell which definitions are in use. However, for each anti virus application you could find out if there's an API to call. Symantec Endpoint Protection goes without, but it stores activities in a Syslog compliant log file (syslog.log). See if that log file contains information about updates and definitions.
Clam AntiVirus
http://stackoverflow.com/questions/194013/anti-virus-integration-with-net-application
McAfee VirusScan
A powershell script by Ying Li to check against a list of servers for McAfee virus definitions installed.