none
WMI查询杀毒软件信息的问题 RRS feed

  • 问题

  • #define _WIN32_DCOM
    #include <iostream>
    using namespace std;
    #include <comdef.h>
    #include <Wbemidl.h>
    
    # pragma comment(lib, "wbemuuid.lib")
    
    int main(int argc, char **argv)
    {
    	HRESULT hres;
    
    	// Initialize COM.
    	hres = CoInitializeEx(0, COINIT_MULTITHREADED); 
    	if (FAILED(hres))
    	{
    		cout << "Failed to initialize COM library. " 
    			<< "Error code = 0x" 
    			<< hex << hres << endl;
    		return 1;       // Program has failed.
    	}
    
    	// Initialize 
    	hres = CoInitializeSecurity(
    		NULL,   
    		-1,   // COM negotiates service         
    		NULL,  // Authentication services
    		NULL,  // Reserved
    		RPC_C_AUTHN_LEVEL_DEFAULT,  // authentication
    		RPC_C_IMP_LEVEL_IMPERSONATE, // Impersonation
    		NULL,       // Authentication info 
    		EOAC_NONE,    // Additional capabilities
    		NULL       // Reserved
    		);
    
    
    	if (FAILED(hres))
    	{
    		cout << "Failed to initialize security. " 
    			<< "Error code = 0x" 
    			<< hex << hres << endl;
    		CoUninitialize();
    		return 1;     // Program has failed.
    	}
    
    	// Obtain the initial locator to Windows Management
    	// on a particular host computer.
    	IWbemLocator *pLoc = 0;
    
    	hres = CoCreateInstance(
    		CLSID_WbemLocator,       
    		0, 
    		CLSCTX_INPROC_SERVER, 
    		IID_IWbemLocator, (LPVOID *) &pLoc);
    
    	if (FAILED(hres))
    	{
    		cout << "Failed to create IWbemLocator object. "
    			<< "Error code = 0x"
    			<< hex << hres << endl;
    		CoUninitialize();
    		return 1;    // Program has failed.
    	}
    
    	IWbemServices *pSvc = 0;
    
    	// Connect to the root\cimv2 namespace with the
    	// current user and obtain pointer pSvc
    	// to make IWbemServices calls.
    
    	hres = pLoc->ConnectServer(
    
    		_bstr_t(L"ROOT\\SecurityCenter"), // WMI namespace
    		NULL,          // User name
    		NULL,          // User password
    		0,            // Locale
    		NULL,          // Security flags         
    		0,            // Authority    
    		0,            // Context object
    		&pSvc          // IWbemServices proxy
    		);               
    
    	if (FAILED(hres))
    	{
    		cout << "Could not connect. Error code = 0x" 
    			<< hex << hres << endl;
    		pLoc->Release();   
    		CoUninitialize();
    		return 1;        // Program has failed.
    	}
    
    	cout << "Connected to ROOT\\SecurityCenter WMI namespace" << endl;
    
    	// Set the IWbemServices proxy so that impersonation
    	// of the user (client) occurs.
    	hres = CoSetProxyBlanket(
    
    		pSvc,             // the proxy to set
    		RPC_C_AUTHN_WINNT,      // authentication service
    		RPC_C_AUTHZ_NONE,       // authorization service
    		NULL,             // Server principal name
    		RPC_C_AUTHN_LEVEL_CALL,    // authentication level
    		RPC_C_IMP_LEVEL_IMPERSONATE, // impersonation level
    		NULL,             // client identity 
    		EOAC_NONE           // proxy capabilities   
    		);
    
    	if (FAILED(hres))
    	{
    		cout << "Could not set proxy blanket. Error code = 0x" 
    			<< hex << hres << endl;
    		pSvc->Release();
    		pLoc->Release();   
    		CoUninitialize();
    		return 1;        // Program has failed.
    	}
    
    
    	// Use the IWbemServices pointer to make requests of WMI. 
    	// Make requests here:
    
    	// For example, query for all the running processes
    	IEnumWbemClassObject* pEnumerator = NULL;
    	hres = pSvc->ExecQuery(
    		bstr_t("WQL"), 
    		bstr_t("SELECT * FROM AntiVirusProduct"),
    		WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY, 
    		NULL,
    		&pEnumerator);
    
    	if (FAILED(hres))
    	{
    		cout << "Query for processes failed. "
    			<< "Error code = 0x" 
    			<< hex << hres << endl;
    		pSvc->Release();
    		pLoc->Release();   
    		CoUninitialize();
    		return 1;        // Program has failed.
    	}
    	else
    	{ 
    		IWbemClassObject *pclsObj;
    		ULONG uReturn = 0;
    
    		while (pEnumerator)
    		{
    			hres = pEnumerator->Next(WBEM_INFINITE, 1, 
    				&pclsObj, &uReturn);
    
    			if(0 == uReturn)
    			{
    				break;
    			}
    
    			VARIANT vtProp;
    
    			// Get the value of the Name property
    			hres = pclsObj->Get(L"displayName", 0, &vtProp, 0, 0); 
    
    			wcout << "AV Product displayName : " << vtProp.bstrVal << endl; 
    
    			hres = pclsObj->Get(L"companyName", 0, &vtProp, 0, 0); 
    
    			wcout << "AV Product companyName : " << vtProp.bstrVal << endl; 
    
    			hres = pclsObj->Get(L"pathToSignedProductExe", 0, &vtProp, 0, 0); 
    
    			wcout << "AV Product pathToSignedProductExe : " << vtProp.bstrVal << endl;      
    
    			hres = pclsObj->Get(L"versionNumber", 0, &vtProp, 0, 0); 
    
    			wcout << "AV Product versionNumber : " << vtProp.bstrVal << endl;       
    
    			VariantClear(&vtProp);
    		}
    
    	}
    
    	// Cleanup
    	// ========
    
    	pSvc->Release();
    	pLoc->Release();   
    	CoUninitialize();
    
    	return 0;  // Program successfully completed.
    }
    

    如上代码所示,这个原来的代码是http://msdn.microsoft.com/en-us/library/aa390418(VS.85).aspx 这个代码改的。按照道理来说 我只改了 名称空间 

    ROOT\\SecurityCenter和查询语句 SELECT * FROM AntiVirusProduct 以及输出的信息,为啥会什么都没有呢?我明明安装了杀毒软件的啊,其他电脑业查不出来 WIN7下。其他系统不知道 。VS2010写的C++控制台程序。 名词空间和 查询语句我搜了很久  基本上都是这个,那么说明 应该没问题才对,为啥就不能输出杀毒软件的信息呢?


    …|▌'寔堅蔃の/「≯還寔╪.逞蔃﹖
    2010年7月22日 4:52

答案

  • 调试了下 

     

    hres = pEnumerator->Next(WBEM_INFINITE, 1,&pclsObj, &uReturn);//这条语句 uReturn 好像是为0.WHILE直接就被跳出循环了 好像什么记录都没取到一样!。怎么解决啊!


    …|▌'寔堅蔃の/「≯還寔╪.逞蔃﹖
    • 已标记为答案 dowflyon 2010年7月25日 4:06
    2010年7月22日 8:51
  • 参考Action center in Windows 7 reporting that antivirus is not installed


    The following is signature, not part of post
    Please mark the post answered your question as the answer, and mark other helpful posts as helpful, so they will appear differently to other users who are visiting your thread for the same problem.
    Visual C++ MVP
    • 已标记为答案 dowflyon 2010年7月25日 4:06
    2010年7月23日 0:14
    版主

全部回复