Why does WMI show duplicate entries for the same A/V product in \\root\SecurityCenter2?


I have been using WMI to retrieve the antivirus/antispyware/firewall products registered in the Windows Security Center. Since last month duplicate entries for ESET Internet Security started showing up (since v12.2.29). Somebody else said it also happened with McAfee.

ESET said that since Windows 8, WMI should not be used to check this, as there is a new API made specifically for this. Apparently this is IWscProduct, which indeed does not seem to report the duplicates.

But I want to know if WMI can still be used as well, as this is required for pre-Win8 and I have not seen any reports that it shouldn't be used in Win8+ anymore.

To test, use this command line to check the installed antivirus products:

WMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get /Format:List

And this is what it outputs on my computer:

displayName=Windows Defender
instanceGuid={D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
pathToSignedProductExe=windowsdefender://
pathToSignedReportingExe=%ProgramFiles%\Windows Defender\MsMpeng.exe
productState=393472
timestamp=Fri, 11 Oct 2019 16:09:34 GMT

displayName=ESET Security
instanceGuid={885D845F-AF19-0124-FECE-FFF49D00F440}
pathToSignedProductExe=C:\Program Files\ESET\ESET Security\ecmds.exe
pathToSignedReportingExe=C:\Program Files\ESET\ESET Security\ekrn.exe
productState=266240
timestamp=Mon, 11 Nov 2019 08:20:20 GMT

displayName=ESET Security
instanceGuid={EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
pathToSignedProductExe=C:\Program Files\ESET\ESET Security\ecmds.exe
pathToSignedReportingExe=C:\Program Files\ESET\ESET Security\ekrn.exe
productState=266240
timestamp=Wed, 02 Oct 2019 07:08:22 GMT

Windows Defender is disabled and as you can see, the second ESET entry has not been touched for over a month now.

Now my questions are:

  1. Can WMI(C) still be used to query the Windows Security Center in Win8+?
  2. If not, has anybody seen any reports/warnings about this?
  3. Or is this a Microsoft bug?
  4. Or is ESET (and McAfee?) doing something wrong (registering a new version without deregistering the old one)?

Any help is much appreciated.
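
For inventory or compliance tooling that still has to consume this WMI output, the following added example (not part of the original question) parses the `/Format:List` records quoted above and collapses entries that differ only in instanceGuid and timestamp, keeping the most recently updated one. The function names and `KEY_FIELDS` are hypothetical, and treating identical display name plus identical signed executable paths as "the same product" is an assumption of this example, not documented Security Center behaviour.

```python
import re
from collections import defaultdict
from email.utils import parsedate_to_datetime

# WMIC /Format:List output as quoted in the question above.
WMIC_OUTPUT = r"""
displayName=Windows Defender
instanceGuid={D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
pathToSignedProductExe=windowsdefender://
pathToSignedReportingExe=%ProgramFiles%\Windows Defender\MsMpeng.exe
productState=393472
timestamp=Fri, 11 Oct 2019 16:09:34 GMT

displayName=ESET Security
instanceGuid={885D845F-AF19-0124-FECE-FFF49D00F440}
pathToSignedProductExe=C:\Program Files\ESET\ESET Security\ecmds.exe
pathToSignedReportingExe=C:\Program Files\ESET\ESET Security\ekrn.exe
productState=266240
timestamp=Mon, 11 Nov 2019 08:20:20 GMT

displayName=ESET Security
instanceGuid={EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
pathToSignedProductExe=C:\Program Files\ESET\ESET Security\ecmds.exe
pathToSignedReportingExe=C:\Program Files\ESET\ESET Security\ekrn.exe
productState=266240
timestamp=Wed, 02 Oct 2019 07:08:22 GMT
"""

# Assumption: same name and same signed binaries means the same product.
KEY_FIELDS = ("displayName", "pathToSignedProductExe", "pathToSignedReportingExe")

def parse_records(text):
    """Turn blank-line-separated key=value blocks into a list of dicts."""
    blocks = re.split(r"\n\s*\n", text.strip())
    return [dict(l.strip().split("=", 1) for l in b.splitlines() if "=" in l)
            for b in blocks]

def collapse_duplicates(records):
    """Return (newest record per product, older duplicate records)."""
    groups = defaultdict(list)
    for rec in records:
        key = tuple(rec.get(f, "").lower() for f in KEY_FIELDS)
        groups[key].append(rec)
    newest, stale = [], []
    for recs in groups.values():
        recs.sort(key=lambda r: parsedate_to_datetime(r["timestamp"]), reverse=True)
        newest.append(recs[0])
        stale.extend(recs[1:])
    return newest, stale
```

Logging the `stale` list rather than silently discarding it keeps a record of which instanceGuid values were left behind, which is useful when reporting the duplicate registration to the vendor.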
