using System.Collections.Generic;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Threading.Tasks;
internal const int SM_CLEANBOOT = 67;
[DllImport("user32.dll")]
internal static extern int GetSystemMetrics(int smIndex);
static void Main(string[] args)
var IsSafeMode = GetSystemMetrics(SM_CLEANBOOT);
bool safeModeActive = Convert.ToBoolean(IsSafeMode);
ManagementObjectSearcher wmiData = new ManagementObjectSearcher(@"root\SecurityCenter2", "SELECT * FROM AntiVirusProduct");
ManagementObjectCollection data = wmiData.Get();
foreach (ManagementObject virusChecker in data)
var AvName = virusChecker["displayName"];
var xstate = virusChecker["productState"];
var f = Convert.ToInt32(xstate);
var zz = f.ToString("X").PadLeft(6, '0');
var y = zz.Substring(2, 2);
string text = String.Format("In SafeBoot Mode = {0} AVInstalled = {1} Status = {2} ", Convert.ToBoolean(IsSafeMode).ToString(), AvName.ToString(), StatusOfAV);
System.IO.File.WriteAllText(@"C:\Users\Public\SafeBoot.txt", text);
BcdStoreAccessor b = new BcdStoreAccessor();
//some stuff came from here
//https://gallery.technet.microsoft.com/scriptcenter/Get-the-status-of-4b748f25
public static bool AntivirusInstalled()
string wmipathstr = @"\\" + Environment.MachineName + @"\root\SecurityCenter2";
ManagementObjectSearcher searcher = new ManagementObjectSearcher(wmipathstr, "SELECT * FROM AntivirusProduct");
ManagementObjectCollection instances = searcher.Get();
return instances.Count > 0;
Console.WriteLine(e.Message);
// https://stackoverflow.com/questions/25295117/use-c-sharp-bcd-wmi-provider-to-safeboot-windows?noredirect=1
public class BcdStoreAccessor
public const int BcdOSLoaderInteger_SafeBoot = 0x25000080;
public enum BcdLibrary_SafeBoot
private ConnectionOptions connectionOptions;
private ManagementScope managementScope;
private ManagementPath managementPath;
public BcdStoreAccessor()
connectionOptions = new ConnectionOptions();
connectionOptions.Impersonation = ImpersonationLevel.Impersonate;
connectionOptions.EnablePrivileges = true;
managementScope = new ManagementScope("root\\WMI", connectionOptions);
managementPath = new ManagementPath("root\\WMI:BcdObject.Id=\"{fa926493-6f1c-4193-a414-58f0b2456d1e}\",StoreFilePath=\"\"");
public void SetSafeboot()
ManagementObject currentBootloader = new ManagementObject(managementScope, managementPath, null);
currentBootloader.InvokeMethod("SetIntegerElement", new object[] { BcdOSLoaderInteger_SafeBoot, BcdLibrary_SafeBoot.SafemodeMinimal });
public void RemoveSafeboot()
ManagementObject currentBootloader = new ManagementObject(managementScope, managementPath, null);
currentBootloader.InvokeMethod("DeleteElement", new object[] { BcdOSLoaderInteger_SafeBoot });
public static void Restart()
StartShutDown("-f -r -t 5");
public static void LogOff()
/// Shutting Down Windows
public static void Shut()
StartShutDown("-f -s -t 5");
private static void StartShutDown(string param)
ProcessStartInfo proc = new ProcessStartInfo();
proc.WindowStyle = ProcessWindowStyle.Hidden;
proc.Arguments = "/C shutdown " + param;