Possible Duplicates:
Detect Antivirus on Windows using C#
How to detect if a virusscanner and/or firewall is installed? (And a few other security-related Q's.)
is there a way to detect currently instaled av without searching for known processes?
views:
157answers:
2
+2
A:
Yes there is. You can use WMI, I assume you are asking about Windows, to check installed instances of an anti-virus program. It is quite simple from C# and this link gives a good explanation of how to do it. It is also possible to access WMI from C++ and that is explained here. Also for anything WMI related I highly recommend the WMI Studio.
linuxuser27
2010-10-18 20:09:31
Beat me by 5 seconds! :)
Mark Allen
2010-10-18 20:11:34
There is one problem with WMI tho. Anybody can write there anything. This is often misused by viruses (fake AVs). So in the end you still need list of known "AVs".
Kra
2010-10-18 20:26:22
@Kra Well sure, but at that point all bets are off. You really can't know for sure. You can't even reliably detect, necessarily, whether you are running in a VM. We might be in a VM right now... (j/k)
Mark Allen
2010-10-18 21:03:03
+1
A:
It depends on the AV software and the OS but it looks like you can use WMI. Here's an example on using WMI script - using WMI from C++ is outside of my knowledge, sorry.
Mark Allen
2010-10-18 20:09:36