none
The property "TIMESTAMP" from WMI class ANTIVIRUSPRODUCT from ROOT\SECURITYCENTER2 is misguiding RRS feed

  • Question

  • Hi. So, I've been trying to get security details of my system using WMI. While going through the properties, I found some properties more misguiding. The properties are as follows.

    1. timestamp - I thought it was the last access time of the anitvirus in the system i.e., whenever any scan is invoked in the system, the timestamp will show that time. But its not showing the last scan(screenshot attached). Please explain me if this is a wmi error or if the timestamp will change only on certain conditions(if this is the case, what are they?) 

    2. pathToSignedProductExe - I thought this would be the product's main exe which starts all the antivirus service/ just starts the functionality of the product. But the exe mentioned in this product is not even running in the task manager even though the product is active.(Screenshot attached below). Please explain me what does this mean.

    Please help me. Thanks.

    Sunday, November 6, 2016 11:20 PM

All replies

  • Hi Abhishek N,

    thanks for posting here.

    Reading directly from rootsecuritycenter and rootsecuritycenter2 are not documented or supported interfaces. As such, anyone who takes a dependency on them does so at their own risk. We do not share the productState details outside of Windows, even under NDA. Unfortunately, other than the WscGetSecurityProviderHealth interface, we don’t have a public interface to do what you are requesting at this time.

    Best Regards,
    Sera Yu


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by Abhishek N Monday, November 7, 2016 9:49 AM
    • Unmarked as answer by Abhishek N Tuesday, November 8, 2016 7:14 AM
    Monday, November 7, 2016 8:37 AM
  • Thanks for replying. But, does the interface WscGetSecurityProviderHealth work in all the OS.? I believe they don't work on server OS and XP machines.

    Tuesday, November 8, 2016 7:16 AM
  • Hi Abhishek N,

    >>Thanks for replying. But, does the interface WscGetSecurityProviderHealth work in all the OS.? I believe they don't work on server OS and XP machines.

    Yes. It only works with desktop apps on client os later from Windows Vista. 

    Please refer to this document.

    https://msdn.microsoft.com/en-us/library/bb432506(v=vs.85).aspx

    Hope this could be help of you.

    Best Regards,
    Sera Yu


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Tuesday, November 8, 2016 7:26 AM