$RC = SetOption( "EXPLICIT", "ON" ) Dim $arrCmdLine, $arrOSVer, $colItems, $Computer, $False, $Msg, $objItem, $objWMISvc, $True $False = 0 $True = -1 ; Check if a computer name was passed on the command line ; (assuming the last and only argument is the computer name) $arrCmdLine = GetCommandLine( 1 ) If InStr( $arrCmdLine[Ubound( $arrCmdLine )], @SCRIPTNAME ) $Computer = "." Else $Computer = $arrCmdLine[Ubound( $arrCmdLine )] EndIf ; Error message in case the OS version check fails $Msg = "This script requires Windows XP SP2 or later.@CRLF" $Msg = $Msg + " OS version detected: " + $objItem.Caption $Msg = $Msg + " SP " + $objItem.ServicePackMajorVersion $Msg = $Msg + "." + $objItem.ServicePackMinorVersion + "." ; First check the OS version: XP (5.1) SP2 is the minimum required, ; since the SecurityCenter was introduced in Windows XP SP2 $objWMISvc = GetObject( "winmgmts://$Computer/root/CIMV2" ) $colItems = $objWMISvc.ExecQuery( "SELECT * FROM Win32_OperatingSystem" ) For Each $objItem In $colItems $arrOSVer = Split( $objItem.Version, "." ) If $arrOSVer[0] < 5 ; Windows NT 4 or before Syntax( $Msg ) Quit 1 EndIf If $arrOSVer[0] = 5 ; Windows 2000 or before If $arrOSVer[1] = 0 Syntax( $Msg ) Quit 1 EndIf If $objItem.ServicePackMajorVersion < 2 ; Windows XP SP1 or before Syntax( $Msg ) Quit 1 EndIf EndIf Next ; Error message in case connecting to the SecurityCenter fails $Msg = "Could not connect to SecurityCenter" ; Connect to the local or remote SecurityCenter through WMI $objWMISvc = GetObject( "winmgmts:{impersonationLevel=impersonate}!//$Computer/root/SecurityCenter" ) If @ERROR <> 0 If $Computer = "." Syntax( $Msg ) Quit 1 Else Syntax( "$Msg on $Computer" ) Quit 1 EndIf EndIf ; Query the installed AntiVirus product $colItems = $objWMISvc.ExecQuery( "SELECT * FROM AntiVirusProduct", "WQL", 48 ) If @ERROR <> 0 Syntax( "No AntiVirus product detected by WMI" ) Quit 1 EndIf ; Format the returned results $Msg = "@CRLF" + "AntiVirus:@CRLF==========@CRLF" For Each $objItem In $colItems $Msg = $Msg + $objItem.displayName + ", Version " + $objItem.versionNumber + "@CRLF" If $objItem.onAccessScanningEnabled = $True $Msg = $Msg + "On-access scanning is enabled@CRLF" Else $Msg = $Msg + "Warning: on-access scanning is disabled!@CRLF" EndIf If $objItem.productUptoDate = $True $Msg = $Msg + "Virus definitions are up-to-date@CRLF" Else $Msg = $Msg + "Warning: virus definitions are NOT up-to-date!@CRLF" EndIf Next ; Query the installed Firewall product $colItems = $objWMISvc.ExecQuery( "SELECT * FROM FirewallProduct", "WQL", 48 ) If @ERROR <> 0 Syntax( "No firewall detected by WMI" ) Quit 1 EndIf ; Format the returned results $Msg = "$Msg@CRLF" + "Firewall:@CRLF=========@CRLF" For Each $objItem In $colItems $Msg = $Msg + $objItem.displayName + ", Version " + $objItem.versionNumber + "@CRLF" If $objItem.enabled = $True $Msg = $Msg + "Firewall is enabled@CRLF" Else $Msg = $Msg + "Warning: firewall is disabled!@CRLF" EndIf Next ; Display the results "$Msg" $colItems = Nothing $objWMISvc = Nothing Quit 0 Function Syntax( $myMsg ) Dim $S CLS $S = "@CRLF" If $myMsg <> "" $S = $S + "Error: $myMsg@CRLF@CRLF" EndIf $S = $S + "SecStat.kix, Version 1.01 for Windows XP SP2 and later@CRLF" $S = $S + "Display a SecurityCenter status overview For any computer@CRLF@CRLF" $S = $S + "Usage: KIX32.EXE SECSTAT.KIX [ computer ]@CRLF@CRLF" $S = $S + "Where: " + Chr(34) + "computer" + Chr(34) $S = $S + " is an optional remote computer name@CRLF" $S = $S + " (default is the local computer)@CRLF@CRLF" $S = $S + "Inspired by an entry in Alejandro Campos Magencio's blog:@CRLF" $S = $S + "http://blogs.msdn.com/alejacma/archive/2008/05/12/how-@CRLF" $S = $S + "to-get-antivirus-information-with-wmi-vbscript.aspx.@CRLF@CRLF" $S = $S + "Use WBEMTEST to find all properties for specific products.@CRLF@CRLF" $S = $S + "Written by Rob van der Woude@CRLF" $S = $S + "http://www.robvanderwoude.com" $Syntax = $S EndFunction