【Question title】: How to Open Windows Settings "Virus and Threat Protections"
【Posted】: 2020-07-11 14:52:59
【Question description】:

I can detect through code whether antivirus software is installed and/or running, using code similar to the following:

    using System;
    using System.Management;

    public static bool IsAntivirusInstalled()
    {
        // Note: Windows 10 and Windows Server use different methods. I must take that into account in a future version. \root\SecurityCenter2 does not exist on server editions.

        // https://stackoverflow.com/questions/1331887/detect-antivirus-on-windows-using-c-sharp
        string wmipathstr = @"\\" + Environment.MachineName + @"\root\SecurityCenter2";
        try
        {
            ManagementObjectSearcher searcher = new ManagementObjectSearcher(wmipathstr, "SELECT * FROM AntivirusProduct");
            ManagementObjectCollection instances = searcher.Get();
            //foreach (ManagementObject virusChecker in instances)
            //{
            //    var virusCheckerName = virusChecker["displayName"];
            //}

            return instances.Count > 0;
        }

        catch (Exception e)
        {
            Console.WriteLine(e.Message);
        }

        return false;
    }

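If the user has turned off antivirus protection, I would like to be able to show the Virus and Threat Protection area of Windows Security Center from code. My application requires antivirus software to be running, and I need to check that it is present.

One way is to open gpedit.msc, but that is dangerous, so the task is to show the user the appropriate settings area: not to change it, just to show it.

Response to comments

The answer produced this screen, but I am still not convinced that the user should see key actions independent of my desktop.

【Question discussion】:

  • Any antivirus software, or only Windows Security Center Virus and Threat Protection?
  • @SudipShrestha Windows Security Center includes managing other antivirus software, such as McAfee. To answer your question, I just want to open the WSC applet for the user and bring it to the front.

Tags: c# windows-10 settings antivirus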


【Solution 1】:

We can check the registry for the status

  1. Add Microsoft.Win32.Registry from NuGet.
  2. Check the registry status.

    using System.Linq;      // needed for Contains() on the value-name array
    using Microsoft.Win32;
    // ...
    static bool IsWindowsVirusProtectionEnabledAsync()
    {
        // Read-only open of the status key under HKLM
        var subKey = Registry.LocalMachine.OpenSubKey(
            @"SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status", false);

        return (subKey != null && 
                subKey.GetValueNames().Contains("OnboardingState") &&
                subKey.GetValue("OnboardingState").Equals(1));
    }

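Also please read this. You may need to pay attention to other keys, such as DisableAntiSpyware and DisableAntiVirus. I am not 100% sure about this.

Edit 2: I could not find a shortcut or command line that opens the "Virus and Threat window"; however, I can launch it manually:

So one hack is to launch the "Virus and Threat window" by simulating the keyboard (it is a bit of a hack, but it did work for me):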

    using System;
    using System.Runtime.InteropServices;
    using System.Threading;

    // The members below go inside a class.
    [DllImport("user32.dll", SetLastError = true)]
    static extern void keybd_event(byte bVk, byte bScan, int dwFlags, int dwExtraInfo);

    const int KEYEVENTF_KEYDOWN = 0x0000; // New definition
    const int KEYEVENTF_EXTENDEDKEY = 0x0001; // Extended-key flag
    const int KEYEVENTF_KEYUP = 0x0002; // Key up flag

    const int VK_ESCAPE = 0x1B;

    const int VK_0 = 0x30;
    const int VK_1 = 0x31;
    const int VK_2 = 0x32;
    const int VK_3 = 0x33;
    const int VK_4 = 0x34;
    const int VK_5 = 0x35;
    const int VK_6 = 0x36;
    const int VK_7 = 0x37;
    const int VK_8 = 0x38;
    const int VK_9 = 0x39;

    const int VK_A = 0x41;
    const int VK_B = 0x42;
    const int VK_C = 0x43;
    const int VK_D = 0x44;
    const int VK_E = 0x45;
    const int VK_F = 0x46;
    const int VK_G = 0x47;
    const int VK_H = 0x48;
    const int VK_I = 0x49;
    const int VK_J = 0x4A;
    const int VK_K = 0x4B;
    const int VK_L = 0x4C;
    const int VK_M = 0x4D;
    const int VK_N = 0x4E;
    const int VK_O = 0x4F;
    const int VK_P = 0x50;
    const int VK_Q = 0x51;
    const int VK_R = 0x52;
    const int VK_S = 0x53;
    const int VK_T = 0x54;
    const int VK_U = 0x55;
    const int VK_V = 0x56;
    const int VK_W = 0x57;
    const int VK_X = 0x58;
    const int VK_Y = 0x59;
    const int VK_Z = 0x5A;

    const int VK_LCONTROL = 0xA2; // Left Control key code
    const int VK_SHIFT = 0x10;
    const int VK_SPACE = 0x20;
    const int VK_RETURN = 0x0D;

    static void StartVirusAndThreatProtectionUI()
    {
        Console.WriteLine("Starting...");

        // Ctrl+Esc opens the Start menu
        keybd_event(VK_LCONTROL, 0, KEYEVENTF_KEYDOWN, 0);
        keybd_event(VK_ESCAPE, 0, KEYEVENTF_KEYDOWN, 0);
        keybd_event(VK_ESCAPE, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_LCONTROL, 0, KEYEVENTF_KEYUP, 0);
        Thread.Sleep(1000); // in case the computer is slow
        // Type "virus"
        keybd_event(VK_V, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_V, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_I, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_I, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_R, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_R, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_U, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_U, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_S, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_S, 0, KEYEVENTF_KEYUP, 0);

        keybd_event(VK_SPACE, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_SPACE, 0, KEYEVENTF_KEYUP, 0);

        // Shift+7
        keybd_event(VK_SHIFT, 0, KEYEVENTF_KEYDOWN, 0);
        keybd_event(VK_7, 0, KEYEVENTF_KEYDOWN, 0);
        keybd_event(VK_7, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_SHIFT, 0, KEYEVENTF_KEYUP, 0);
        
        keybd_event(VK_SPACE, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_SPACE, 0, KEYEVENTF_KEYUP, 0);

        // Type "threat"
        keybd_event(VK_T, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_T, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_H, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_H, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_R, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_R, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_E, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_E, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_A, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_A, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_T, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_T, 0, KEYEVENTF_KEYUP, 0);

        keybd_event(VK_SPACE, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_SPACE, 0, KEYEVENTF_KEYUP, 0);

        // Type "protection"
        keybd_event(VK_P, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_P, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_R, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_R, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_O, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_O, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_T, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_T, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_E, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_E, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_C, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_C, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_T, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_T, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_I, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_I, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_O, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_O, 0, KEYEVENTF_KEYUP, 0);
        keybd_event(VK_N, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_N, 0, KEYEVENTF_KEYUP, 0);

        Thread.Sleep(1000); // In case the search takes time...

        // Enter launches the first search result
        keybd_event(VK_RETURN, 0, KEYEVENTF_KEYDOWN, 0); keybd_event(VK_RETURN, 0, KEYEVENTF_KEYUP, 0);

        Console.WriteLine("Hopefully Done.");
    }

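【Discussion】:

  • I will add this method to my class, because it is good to know that your version may work on Windows Server 2016/9, but I already have functionality that tells me whether antivirus software is installed and/or enabled. What I want is to be able to open the WSC Virus and Threat area, and your answer does not do that.
  • Are you saying you want to open the Windows Security => Virus and threat protection tab UI?
  • I did not find any command line or programmatic way to open the Virus and threat protection window (or even the Windows Security window). Sorry :( We can simulate key presses => Start button, "Virus and threat protection", Enter key... (see the update above).
  • @SudipShreshtha Interestingly, manually pressing the Start button and then typing "virus..." does not produce this.
  • This answer can be classed as a good college try, but it fails for two reasons. 1) It brings up Windows Photos with "agt_virus-off.png", which is a picture of a syringe. 2) It literally simulates keyboard key presses. I see the Start menu and everything. It should open the WSC applet the way a message box shown with MessageBox.Show(...) does: it just appears, with no keyboard.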
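
An added example (not part of the original question or answers) that pairs the question's SecurityCenter2 query with opening the page through a URI instead of simulated keystrokes. It assumes the `windowsdefender://threat` scheme is registered by the Windows Security app on the machine, with `ms-settings:windowsdefender` as the fallback, and it reads `productState` with a community-derived, undocumented bit test; the class and method names are hypothetical.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Management;   // NuGet package System.Management on .NET Core / .NET 5+

static class AntivirusGate   // hypothetical name, not from the page
{
    // Assumption: productState is undocumented; 0x1000 as the "enabled" bit is the
    // commonly used community reading, not a published contract.
    public static bool IsEnabled(uint productState) => (productState & 0x1000) != 0;

    // True when at least one product registered with Windows Security Center reports enabled.
    // Any WMI failure (e.g. namespace missing on server editions) is treated as "not enabled".
    public static bool AnyAntivirusEnabled()
    {
        try
        {
            using (var searcher = new ManagementObjectSearcher(
                @"root\SecurityCenter2", "SELECT displayName, productState FROM AntivirusProduct"))
            {
                foreach (ManagementObject product in searcher.Get())
                {
                    uint state = Convert.ToUInt32(product["productState"]);
                    Console.WriteLine($"{product["displayName"]}: 0x{state:X6}");
                    if (IsEnabled(state)) return true;
                }
            }
        }
        catch (ManagementException e)
        {
            Console.WriteLine(e.Message);
        }
        return false;
    }

    // Shows the page to the user; it does not change any setting.
    public static void ShowVirusAndThreatProtection()
    {
        foreach (var uri in new[] { "windowsdefender://threat", "ms-settings:windowsdefender" })
        {
            try
            {
                Process.Start(new ProcessStartInfo(uri) { UseShellExecute = true });
                return;
            }
            catch (Win32Exception) { /* scheme not registered on this system; try the next one */ }
        }
    }

    static void Main()
    {
        if (!AnyAntivirusEnabled()) ShowVirusAndThreatProtection();
    }
}
```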