Jump to content
Paul

Security Plugin 1.4

Recommended Posts

Hello,

 

Thanks for dropping by. This plugin is obsolete since PC Monitor has integrated support for third party security products and windows firewall monitoring. Please use PC Monitor's security center features since it's better than mine.

 

Thank You,

Paul.

 

Hello PC Monitor Users,

I would like to present my second plugin for the community. It's main purpose is to monitor the status of security software. Main features are:

  • View and get notified if the antivirus is enabled or not, updated or not.
  • View and get notified if the third-party firewall is updated or not.
  • View, get notified and control Windows Firewall.

Please take your time and read the 'readme.txt' file as it explains everything you need to know about installing, using and customizing the settings.

Note: This plugin does not support Server operating systems for checking Antivirus or Third-Party Firewall Products however starting 1.4 you can monitor and manage Windows Firewall.

Warning: Not all security products are supported on windows vista+. Vista and newer generation operating systems include a newer Security Center which permits security software developers to have custom statuses based on a 6 digit code. There is a standard code set which is used by most antiviruses but some choose to have custom status codes. If your plugin shows on your PC Monitor client "Unknown status: NUMBER" this means that your antivirus solution has custom codes.

In order to make the plugin work we need the status codes for all four possible situations:

  • Auto protect Enabled - Antivirus Updated
     
  • Auto protect Disabled  - Antivirus Updated
     
  • Auto protected Enabled - Antivirus Outdated
     
  • Auto protected Disabled - Antivirus Outdated

You can get these status codes yourself by enabling diagnostics in PC Monitor and viewing the trace log generated in your PC Monitor executable path.

In order to enable the diagnostic logging feature you need to:

  • Open 'PC Monitor Manager'
  • Open the 'Settings' tab
  • Open the 'Diagnostics' sub tab
  • Click the button 'Enable Diagnostics'

In the file trace.log you will see an entry:

  • 03/02/2012, 11:32:33.007: [securityPlugin Plugin] Unknown State: NUMBER

Take a note of that number and write it down along with the antivirus state at that moment. Then change the state of the antivirus and wait 15 seconds to see another state number then continue with the remaining states. After you got all four post a reply to this thread with the codes and the product name.

Thank you for helping improve our plugin.

My release is open-source bound by no license. That being said you can freely modify, distribute, claim as your work, sell and / or include in your copyrighted material as long as it doesn't breach PC Monitor's license or terms and conditions.

Download Link: Click (Version 1.4)

 

Changes:

  • Added support for Product Version on Pre-Vista environments.
  • Added support for Firewall products.
  • Added support for Windows Firewall
  • Added support for notification switches on mobile clients.
  • Revamped configuration system.
  • Fixed an issue where the notifications would be sent without computer identification details.

Any feedback and plugin ideas will be appreciated.

Screenshots:

post-9-0-07896400-1328288928_thumb.png post-9-0-60810000-1328288930_thumb.png

Edited by Paul

Share this post


Link to post
Share on other sites

Hi Paul,

Thanks for your efforts here. I can confirm that this works with Sophos AV (I must have got those numbers right!!!), with XP. Hope to have the other two numbers for Sophos (Enabled and out dated + disabled and out dated)

cheers

Share this post


Link to post
Share on other sites

Also please let me know if your antivirus solution works with this plugin so I can add to the tested products list.

Thanks for using my plugin!

Share this post


Link to post
Share on other sites

Tested with Mcafee, version Enterprise, and version Home. Boot work.

I have observed that sometimes on having started, for the order of the processes the antivirus this one still deactivated, then you receive a notification. When you delete, received another notification all is ok.This generates many false alarms, and many green notification. I believe that it is too verbose.

Share this post


Link to post
Share on other sites

I believe I can add a timeout for two minutes to see if the status doesn't change back to it's original state then send a notification. Would two minutes be enough for your antivirus product to start up?

Share this post


Link to post
Share on other sites

Also please let me know if your antivirus solution works with this plugin so I can add to the tested products list.

Thanks for using my plugin!

I have tested this with Avast! Pro, and it works great. Thanks for a great plugin! I will let you know as I try other products.

Share this post


Link to post
Share on other sites

I think two minutes is enough

Thank you for your feedback. The changes you requested will be done until next monday.

Paul.

Update released, check first post.

Edited by Paul

Share this post


Link to post
Share on other sites

Very good idea, the switch for notifications, and timeout. I'am not sure it the nofication time is in seconds or minutes.

But I have a bad news. It does not work in windows XP. I have proved it in four machines and none works.

Share this post


Link to post
Share on other sites

I am sorry to hear that you're having problems with my plugin. Please enable Diagnostic Logging from Settings tab and Diagnostics subtab. Doing so PC Monitor will start writing log details to a file called trace.log that can be found in the PC Monitor installation folder.

Please copy and paste any errors that are shown there in a reply over here so I can check it out.

Thank you.

Share this post


Link to post
Share on other sites

01/04/2012, 09:28:57.593: [AntivirusPlugin Plugin] Exception Thrown: Espacio de nombres no válido - en System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)

en System.Management.ManagementScope.InitializeGuts(Object o)

en System.Management.ManagementScope.Initialize()

en System.Management.ManagementObjectSearcher.Initialize()

en System.Management.ManagementObjectSearcher.Get()

en PaulCsiki.AntivirusPlugin.AntivirusPlugin.GetSecurityProducts()

Share this post


Link to post
Share on other sites

Maybe, I have no idea to be honest. Using this method it isn't possible to work with server operating systems.

@aerohard I am investigating this. I will let you know as soon as I identify the problem.

Share this post


Link to post
Share on other sites

Hello,

I've found the problem and will be fixed on the next release. The bug is only on Pre-Vista Operating Systems.

Tomorrow I will release 1.2 .

Thank you for your patience,

Paul.

Edit: First post updated with version 1.2 .

Edited by Paul

Share this post


Link to post
Share on other sites

You're right, I should have specified. The timeout is in seconds.

Paul.

Thank you Paul.

A question, when configure the plugin timeout, they are seconds or minutes?

Share this post


Link to post
Share on other sites

Hi Paul, when send the notificacion, "antivirus is now disabled", don't send the machine and the group, and I don`t kwon what machine it has the problem, unless one goes for one looking.

Share this post


Link to post
Share on other sites

We had issues on WIndows 8 RTM, which runs "Windows Defender" , which is the rebranded version of MSE.

I received the alert as Windows Defender (so thats good it figured out that that was the AV)

It shows as Status Unknown 397568

Just for your knowledge.

Share this post


Link to post
Share on other sites

Almost instantly updated status on website!

Using avast! free on windows 7 enterprise 64bit :)

Be good to add a tab to notifications and have the ability to set up notifications (if possible with plugins)!

Thanks,

Ollie

Share this post


Link to post
Share on other sites

Hello aerohard,

You are right, I did not include computer name nor the group name however I will add this in the upcoming version. In the mean time you can look on what computer the notification fired by looking at the notification list from computer details.

Hi Paul, when send the notificacion, "antivirus is now disabled", don't send the machine and the group, and I don`t kwon what machine it has the problem, unless one goes for one looking.

Hello shivamkhushali,

I have not tested the new version of Windows Defender. Apparently it's using new status codes which are not included in my plugin. I will repair this in the new version.

We had issues on WIndows 8 RTM, which runs "Windows Defender" , which is the rebranded version of MSE.

I received the alert as Windows Defender (so thats good it figured out that that was the AV)

It shows as Status Unknown 397568

Just for your knowledge.

Hello oliver.chalk,

I am pleased you like my plugin. The current API does not provide a way to add custom tabs on the notifications view, however the ability to enable and disable notifications from your mobile client will be possible on the next version.

Almost instantly updated status on website!

Using avast! free on windows 7 enterprise 64bit :)

Be good to add a tab to notifications and have the ability to set up notifications (if possible with plugins)!

Thanks,

Ollie

Thank you all for your replies.

Paul.

Share this post


Link to post
Share on other sites

Interested to see if plugin worked for ESET ENDPOINT ANTIVIRUS 5.0 on W7. Activated on PC trace log to monitor status codes just for interest. The plugin magically appeared on mobilepcmonitor APP on Android Samsung Galaxy S2. Two information fields Status Enable & Database Updated...it works!

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...