Sign in
 
HomeLibraryLearnDownloadsRepositoryCommunityForumsBlog
Script Center >
VBScript: Trying to script WMI AntivirusProduct results to do seperate operations

Answered VBScript: Trying to script WMI AntivirusProduct results to do seperate operations

  • Friday, July 17, 2009 8:47 PM
     
      Has Code
    Sign In to Vote
    0
    I am trying to write a login script that will email the helpdesk if there is no antivirus product installed on any computers logging into the domain. I have a virtual machine that doesn't have antivirus installed on it to verify that the script is functioning properly. Unfortunately no matter what I try it never seems to find a null response even though I've used wbemtest to verify that the result is in fact null for the object being queried. Any help would be appreciated. 


    Const ForReading = 1, ForWriting = 2, ForAppending = 8
Dim strComputer, strCompany, strAV, strScanning, strUptodate, strMsg, strView, strPath, strFilesys, strFiletxt, strSubject, strTextbody

strComputer = "."
Set objComputer = CreateObject("Shell.LocalMachine")
Set oWMI = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\SecurityCenter")
Set colAV = oWMI.ExecQuery("Select * from AntiVirusProduct")
		For Each objAntiVirusProduct In colAV
			If IsNull(objAntiVirusProduct.instanceGuid) Then
				strSubject = "Anti-virus is not running on " & objComputer.MachineName
				strTextbody = "You will need to check on " & objComputer.MachineName 
				Call SmtpServer		
			Else
				strCompany = objAntiVirusProduct.companyName
				strAV = objAntiVirusProduct.displayName
				strScanning = objAntiVirusProduct.onAccessScanningEnabled
				strUptodate = objAntiVirusProduct.productUptoDate

'*Format the results for the log file
	strMsg = "This information was collected on: " & Date & " at " & Time & vbCrLf
	strMsg = strMsg & "Manufacturer:-------------- " & strCompany & vbCrLf 
	strMsg = strMsg & "Product:------------------- " & strAV & vbCrLf 
	strMsg = strMsg & "Scanning Enabled?---------- " & strScanning & vbCrLf 
	strMsg = strMsg & "Definitions UptoDate?------ " & strUptodate & vbCrLf 
	strMsg = strMsg & "--------------------------------------------------"
	strMsg = strMsg & vbCrLf
'*This is where we create or append to the log file
	strPath = "\\UNCPATH\Goes\Here" & objComputer.MachineName & ".log"
	Set strFilesys = CreateObject("Scripting.FileSystemObject")
	Set strFiletxt = strFilesys.OpenTextFile(strPath, ForAppending, True)
		strFiletxt.WriteLine(strMsg)
		strFiletxt.Close

			End If
		Next
'*Call sub function if needed
Sub SmtpServer
	Set objEmail = CreateObject("CDO.Message")
		objEmail.From = "someemail@address.com"
		objEmail.To = "someemail@address.com"
		objEmail.Subject = strSubject
		objEmail.Textbody = strTextbody
		objEmail.Configuration.Fields.Item _
			("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
		objEmail.Configuration.Fields.Item _
			("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "mail.server.com"
		objEmail.Configuration.Fields.Item _
			("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
		objEmail.Configuration.Fields.Update
		objEmail.Send
End Sub
WScript.Quit

     

All Replies

  • Saturday, July 18, 2009 8:18 AM
    Moderator
     
     Answered Has Code
    Sign In to Vote
    0
    If antivirus is not installed the AntivirusProduct class shoudn't have any instances and colAV.Count should be 0, so try something like this:


    strComputer = "."

Set oWMI = GetObject _
    ("winmgmts:{impersonationlevel=impersonate}!\\" _
    & strComputer & "\root\SecurityCenter")

Set colAV = oWMI.ExecQuery _
    ("Select * from AntiVirusProduct")
    
If colAV.Count = 0 Then
    WScript.Echo "AV not installed"
Else
    WScript.Echo "AV installed"
End If
    urkec
     
  • Saturday, July 18, 2009 6:02 PM
     
     
    Sign In to Vote
    0
    Perfect!! Thanks a million urkec!
     
  • Monday, November 02, 2009 2:01 PM
     
     
    Sign In to Vote
    0

    urkec, this was excellent for desktops, How this is possible on Server Operating Systems??


    It would be great if you can provide for the server operating Systems.

    Thanks a ton!
    Troubleshoot
     
  • Monday, November 02, 2009 6:15 PM
    Moderator
     
     
    Sign In to Vote
    0
    The script should work on any Windows version that has the AntiVirusProduct WMI class in Root\SecurityCenter namespace (I think XP and later, but not sure). The other requirement is that the antivirus application is visible to Windows Security Center.

    You can use wbemtest.exe or WMI Administrative Tools (CIM Studio) to verify that the class exists on a system.
    Uros Calakovic
     
  • Wednesday, November 04, 2009 3:25 PM
     
     
    Sign In to Vote
    0
    Security Center namespace is not present in Server operting System..

    Could you please let me know the script which will detect Antivirus installed or not on Server?? this will be verymuch useful as that script works only on desktops.
    Troubleshoot