关于使用WMI获取杀毒软件信息
使用WMI获取杀毒软件信息时需要区分不同的操作系统,不然 会获取不到杀毒软件的信息。以下范例是针对Vista之后版本的:
//利用WMI获取杀毒软件信息
#include "stdafx.h"
#include "Antivirus.h"
#include "comutil.h"
#include "atlbase.h"
#pragma comment(lib, "wbemuuid.lib")//wmi
#pragma comment(lib, "comsuppw.lib ")
#define _WIN32_DCOM
int GetWMIAVInfo()
{
printf("GetWMIAVInfo\r\n");
HRESULT hres;
// Step 1: --------------------------------------------------
// Initialize COM. ------------------------------------------
hres = CoInitializeEx(0, COINIT_MULTITHREADED);
if (FAILED(hres))
{
char failmsg[MAX_PATH] = {0};
sprintf_s(failmsg,MAX_PATH,"Failed to initialize COM library. Error code = %0Xd",hres);
printf(failmsg);
return 1; // Program has failed.
}
// Step 2: --------------------------------------------------
// Set general COM security levels --------------------------
// Note: If you are using Windows 2000, you need to specify -
// the default authentication credentials for a user by using
// a SOLE_AUTHENTICATION_LIST structure in the pAuthList ----
// parameter of CoInitializeSecurity ------------------------
hres = CoInitializeSecurity(
NULL,
-1, // COM authentication
NULL, // Authentication services
NULL, // Reserved
RPC_C_AUTHN_LEVEL_DEFAULT, // Default authentication
RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation
NULL, // Authentication info
EOAC_NONE, // Additional capabilities
NULL // Reserved
);
if (FAILED(hres))
{
char failmsg[MAX_PATH] = {0};
sprintf_s(failmsg,MAX_PATH,"Failed to initialize security. Error code = 0Xd",hres);
printf(failmsg);
CoUninitialize();
return 1; // Program has failed.
}
// Step 3: ---------------------------------------------------
// Obtain the initial locator to WMI -------------------------
IWbemLocator *pLoc = NULL;
hres = CoCreateInstance(
CLSID_WbemLocator,
0,
CLSCTX_INPROC_SERVER,
IID_IWbemLocator, (LPVOID *) &pLoc);
if (FAILED(hres))
{
char failmsg[MAX_PATH] = {0};
sprintf_s(failmsg,MAX_PATH, "Failed to create IWbemLocator object.Err code = 0xd",hres);
printf(failmsg);
CoUninitialize();
return 1; // Program has failed.
}
// Step 4: -----------------------------------------------------
// Connect to WMI through the IWbemLocator::ConnectServer method
IWbemServices *pSvc = NULL;
// Connect to the root/SecurityCenter namespace with
// the current user and obtain pointer pSvc
// to make IWbemServices calls.
hres = pLoc->ConnectServer(
_bstr_t(L"ROOT\\SecurityCenter2"), // Object path of WMI namespace
NULL, // User name. NULL = current user
NULL, // User password. NULL = current
0, // Locale. NULL indicates current
NULL, // Security flags.
0, // Authority (e.g. Kerberos)
0, // Context object
&pSvc // pointer to IWbemServices proxy
);
if (FAILED(hres))
{
char failmsg[MAX_PATH] = {0};
sprintf_s(failmsg,MAX_PATH,"Could not connect. Error code = 0Xd ",hres);
printf(failmsg);
if ( hres == WBEM_E_ACCESS_DENIED )
{
printf("The current or specified user name and password were not valid or authorized to make the connection\r\n");
}
if ( hres == WBEM_E_FAILED )
{
printf("This indicates other unspecified errors\r\n");
}
if ( hres == WBEM_E_INVALID_NAMESPACE )
{
printf("The specified namespace did not exist on the server\r\n");
}
if ( hres == WBEM_E_INVALID_PARAMETER )
{
printf("An invalid parameter was specified\r\n");
}
if ( hres == WBEM_E_OUT_OF_MEMORY )
{
printf("There was not enough memory to complete the operation\r\n");
}
if (hres == WBEM_E_TRANSPORT_FAILURE)
{
printf("This indicates the failure of the remote procedure call (RPC) link "
"between the current process and WMI\r\n");
}
if (hres == WBEM_E_LOCAL_CREDENTIALS)
{
printf("WMI is passing the user credential on local connection\r\n");
}
if ( hres == WBEM_S_NO_ERROR)
{
printf("The call succeeded\r\n");
}
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
char msginfo[MAX_PATH] = {0};
memcpy_s(msginfo,MAX_PATH,"Connected to ROOT//SecurityCenter WMI namespace",strlen("Connected to ROOT//SecurityCenter WMI namespace"));
printf(msginfo);
// Step 5: --------------------------------------------------
// Set security levels on the proxy -------------------------
hres = CoSetProxyBlanket(
pSvc, // Indicates the proxy to set
RPC_C_AUTHN_WINNT, // RPC_C_AUTHN_xxx
RPC_C_AUTHZ_NONE, // RPC_C_AUTHZ_xxx
NULL, // Server principal name
RPC_C_AUTHN_LEVEL_CALL, // RPC_C_AUTHN_LEVEL_xxx
RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
NULL, // client identity
EOAC_NONE // proxy capabilities
);
if (FAILED(hres))
{
char errmsg[MAX_PATH] = {0};
sprintf_s(errmsg,MAX_PATH,"Could not set proxy blanket. Error code = 0xd",hres);
printf(errmsg);
pSvc->Release();
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
// Step 6: --------------------------------------------------
// Use the IWbemServices pointer to make requests of WMI ----
IEnumWbemClassObject* pEnumerator = NULL;
hres = pSvc->ExecQuery(
bstr_t("WQL"),
bstr_t("SELECT * FROM AntiVirusProduct"),
WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
NULL,
&pEnumerator);
if (FAILED(hres))
{
char failmsg[MAX_PATH] = {0};
sprintf_s(failmsg,MAX_PATH,"Query for operating system name failed.Error code = 0xd",hres);
printf(failmsg);
pSvc->Release();
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
// Step 7: -------------------------------------------------
// Get the data from the query in step 6 -------------------
IWbemClassObject *pclsObj=NULL;
ULONG uReturn = 0;
while (pEnumerator)
{
HRESULT hr = pEnumerator->Next(WBEM_INFINITE, 1,
&pclsObj, &uReturn);
if(0 == uReturn)
{
break;
}
CComBSTR bstrText;
hr = pclsObj->GetObjectText(0, &bstrText);
USES_CONVERSION;
MessageBox(NULL,bstrText,L"杀毒软件",0);
char msginfo[MAX_PATH*4] = {"0"};
sprintf_s(msginfo,MAX_PATH*4,"杀毒软件为%s",W2A(bstrText));
printf(msginfo);
}
// Cleanup
// ========
if (pSvc != NULL )
{
pSvc->Release();
pSvc = NULL;
}
if (pLoc != NULL )
{
pLoc->Release();
pLoc = NULL;
}
if (pEnumerator != NULL)
{
pEnumerator->Release();
pEnumerator = NULL;
}
if ( pclsObj != NULL )
{
pclsObj->Release();
pclsObj = NULL;
}
CoUninitialize();
return 0;
}
vista之前版本的杀毒软件的获取修改wmi的命名空间为root/SecurityCenter就可以了。
参考网址:http://neophob.com/2010/03/wmi-query-windows-securitycenter2/
关于使用WMI获取杀毒软件信息相关推荐
- 联想台式计算机的设备序列号,WMI获取硬件信息封装函数方法(联想台式机出厂编号 CPUID BIOS序列号 硬盘信息 显卡信息 MAC地址)...
今天玩了一把WMI,查询了一下电脑的硬件信息,感觉很多代码都是可以提取出来的,就自己把那些公共部分提出出来,以后如果要获取某部分的硬件信息就不用写一个一个的函数,比如获取MAC地址就写一个获取MAC地 ...
- windows C++ 通过WMI获取底层信息
参考 可以通过修改参数来获取相应的信息 https://www.cnblogs.com/hjbf/p/10775112.html https://docs.microsoft.com/zh-cn/wi ...
- wmi获取硬件信息c语言,通过 WMI来获取本地计算机软件硬件信息
一网打尽 介绍及款工具 WMITools和WMICodeCreator 生成.net或vbs代码来操作WMI的. 您想需要怎么调用都可以了.具体怎么下,google或bing下吧. 相关脚本 'On ...
- 用WMI获取远程机器操作系统的详细信息
使用WMI获取远程机器操作系统的详细信息 大杂烩-.NET 代码主题部分的OperatingSystem类,是使用工具(Management (WMI) Extensions for Visual S ...
- C++通过WMI获取硬件配置信息
C++通过WMI获取硬件配置信息 WMI即Windows管理规范.通过它可以访问.配置.管理和监视几乎所有的Windows资源. WMI提供程序在WMI和托管资源之间扮演着中间方的角色.提供程序代表使 ...
- c++获得cpu厂商_【C++】WMI获取系统硬件信息(CPU/DISK/NetWork etc)
原创 2016年05月14日 01:50:22 标签: c++ / WMI / CPU 官网找到一个例子,根据例子修改下可以获取很多信息 [cpp] #define _WIN32_DCOM #incl ...
- 基于WMI获取USB设备信息(即获取插即用设备信息)System.Management.ManagementObjectSearcher--ManagementObjectCollection
基于WMI获取USB设备信息(即获取插即用设备信息)System.Management.ManagementObjectSearcher--ManagementObjectCollection 获取P ...
- 通过 WMI 从 Linux 获取 Windows 信息/尝试运行程序
有一个工具可以通过 WMI 从 Linux 获取 Windows 信息,所以我试了一下. 如果这个和ZABBIX能很好的连接起来,看来可以实现真正的无代理(不是通过SNMP). 安装方法如下 1 2 ...
- 使用 C# 获取计算机硬件信息
今天我们向您展示如何使用 C# 获取计算机硬件信息.您可以获取您的系统信息,如处理器 ID.硬盘序列号.系统 MAC 地址.主板制造商.主板产品 ID.CD-DVD 驱动器路径.BIOS 制造商.BI ...
最新文章
- CUDA上深度学习模型量化的自动化优化
- asp.NET自定义服务器控件内部细节系列教程四
- 云计算 - OpenStack
- ulua/tolua中timer.lua和event.lua的使用(Luaframework)
- springBoot+springSecurity 数据库动态管理用户、角色、权限(二)
- C语言 | 基于STM32实现AT24CXX应用(代码类)
- Xcode 8 GM 编译缺失 /Users/usr/lib/libresolv.9.dylib
- Promethus搭建 K8S 集群节点资源监控系统
- 可汗学院 统计学(12到34集)
- C语言课后习题(54)
- erps 单环基本原理
- utc时间 单位换算_OSAL之时钟分析
- 阿帕奇服务器配置文件,阿帕奇服务器基本参数配置
- 【第2篇】人工智能(AI)语音测试原理和实践
- MATLAB 中有哪些命令,让人相见恨晚?
- mysql远程主机强迫关闭了_HAProxy出现远程主机强迫关闭了一个现有的连接 的错误及解决...
- GPS定位轨迹抽稀之道格拉斯-普克(Douglas-Peuker)算法详解
- Can't locate Time/HiRes.pm in @INC错误的处理方法 perl安装不全
- 前端吃香还是后端吃香?
- Ac4GlcNAz,98924-81-3,N-乙酰葡糖胺叠氮基,可以进行糖化学修饰