Link to home
Create AccountLog in
Avatar of PhilC
PhilC

asked on

get antivirus information

Our client base runs many different brands and versions of antivirus software.  We would like to be able to harvest this information prior to updating them since we have known issues with some versions of some products.  Is there a generic way to find information about the default antivirus product installed?
This would be for XP and Vista, unmanaged c++
Avatar of SysExpert
SysExpert
Flag of Israel image

Use any of the free programs that do software audits, or simply run

Winmsd in report mode, and scan the resulting text file for known antivirus programs.

I hope this helps !
Avatar of PhilC
PhilC

ASKER

Thank you for your suggestion.  We currently run some system diagnostics and save a file with this information the first time a user logs on each day.  The time it takes to run Winmsd would be too long (very impatient clients I know!).  Parsing through all the installed apps would also be too time consuming.  I was hoping that there was a standard registry key or other quick access solution for determining the current antivirus setup.
If this is not the case I will award you the points since you did in fact answer my question.
Thanks again.
if you need to know what's going on then check out http://www.ocsinventory-ng.org/index.php?page=architecture
>>he time it takes to run Winmsd would be too long (very impatient clients I know!).  

If you just target the primary Antivirus vendors, you could quickly determine if and which AV is installed, by looking at the registry keys.
Avatar of PhilC

ASKER

Thanks Axter,
   that will likely be the way we will go, just wanted to check to see if there was some generic way that we were unaware of
Thank You
ASKER CERTIFIED SOLUTION
Avatar of Axter
Axter
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Check the registry key for the COM interface 'IVirusScanner' at HKEY_CLASSES_ROOT\Interface\{4589BEE0-B4B1-11CF-AAFA-00AA00B6015C} - if you find a subkey there, a virus scanner is installed.
Avatar of PhilC

ASKER

Kaspersky doesnt seem to put any subkey under that key, but I will look into for other programs.  Also it does not appear that the key exists for Vista.
Thank You,
jkr,
I would love to see a generic solution myself for my own project.

However, I just looked at a machine that has Sophos and a machine that has McAfee.
Neither of them had this key.

I also did a Google search on IVirusScanner, and that doesn't return anything.

Where is this information from?

>>  Delete with points refunded

I disagree, since the user stated in previous comment that he/she would likely go with one of the methods I suggested.
Moreover, I provided code that would help to that end.

I recommend awarding points. (I'm OK with a split).
Avatar of PhilC

ASKER

thank you all for your input, unfortunately it appears there is no solution as easy as I had hoped