Audit Antivirus
Silent install package for Audit Antivirus
11-2
Security
Security
tis-audit-antivirus
The tis-audit-antivirus package is an audit package that detects the antiviruses present on the machines and returns their state (active or inactive) and their version info.
The audit data can be viewed in the "Audit data" tab for each host, simply clic on the audit-antivirus row to display the data in the box below.
WARNING this package does not work on Windows Server versions.
- package: tis-audit-antivirus
- name: Audit Antivirus
- version: 11-2
- categories: Security
- maintainer: WAPT Team,Tranquil IT,Simon Fonteneau
- licence: wapt_public
- target_os: windows
- architecture: all
- signature_date:
- size: 7.01 Ko
package : tis-audit-antivirus
version : 11-2
architecture : all
section : base
priority : optional
name : Audit Antivirus
categories : Security
maintainer : WAPT Team,Tranquil IT,Simon Fonteneau
description : Audit antivirus status
depends :
conflicts :
maturity : PROD
locale :
target_os : windows
min_wapt_version : 2.3
sources :
installed_size :
impacted_process :
description_fr :
description_pl :
description_de :
description_es :
description_pt :
description_it :
description_nl :
description_ru :
audit_schedule : 1d
editor :
keywords : antivirus,anti,virus,edr
licence : wapt_public
homepage :
package_uuid : 2186710a-3bf2-4883-80aa-42efd7945716
valid_from :
valid_until :
forced_install_on :
changelog :
min_os_version : 10
max_os_version :
icon_sha256sum : f87a212670887a0473cefbcfb6102392de93b44cf812ba8b9af33244ece1f6e2
signer : Tranquil IT
signer_fingerprint: 8c5127a75392be9cc9afd0dbae1222a673072c308c14d88ab246e23832e8c6bb
signature_date : 2026-03-13T11:00:26.000000
signed_attributes : package,version,architecture,section,priority,name,categories,maintainer,description,depends,conflicts,maturity,locale,target_os,min_wapt_version,sources,installed_size,impacted_process,description_fr,description_pl,description_de,description_es,description_pt,description_it,description_nl,description_ru,audit_schedule,editor,keywords,licence,homepage,package_uuid,valid_from,valid_until,forced_install_on,changelog,min_os_version,max_os_version,icon_sha256sum,signer,signer_fingerprint,signature_date,signed_attributes
signature : S1zgM8DPoMnIw0g5C/VGOCHKTMUwp8B6W1GHgTI8UdMu+picXztuHpawgc6kaqKHbtxYaOp/7whRAaD6Glvw0PhTzCF6YpP2u+bfuDiw4IoaIa/3jJf9V3RDOVAUmjwCX6WXG58C3HuRjNz7DiRXcL65/AcJMv2F7oZAIvwIY+4PZShqW/950MEMCc64xXnL80stNX1q6IRTQJiWmEs++kgg2WwcWXRcBFybDxcppirV2qmYlK6nHzTNTCmgaa9H7YZUJzQUBACf4chEBzD8K1rVHw+YdILS2dIpDNoodVAn5Nuj+YhsZs+4xvZp+GPmshwByFGMhLu8RkEsgCOUQg==# -*- coding: utf-8 -*-
from setuphelpers import *
def install():
pass
def audit():
data = {u["name"].replace(" ", "-").strip(): u for u in get_antivirus_info2()}
WAPT.write_audit_data_if_changed("audit-antivirus", "audit-antivirus", data)
return "OK"
def get_antivirus_info2():
list_av = []
try:
objWMI = run_powershell('Get-CimInstance -Namespace "root/SecurityCenter2" -ClassName "AntiVirusProduct"')
for obj in objWMI:
dict_av_info = {}
dict_av_info["instanceGuid"] = str(objWMI.get("instanceGuid",""))
if not dict_av_info["instanceGuid"]:
continue
dict_av_info['name'] = objWMI.get('displayName',"")
dict_av_info["pathToSignedProductExe"] = str(objWMI.get("pathToSignedProductExe",""))
dict_av_info["pathToSignedReportingExe"] = str(objWMI.get("pathToSignedReportingExe",""))
dict_av_info["productState"] = str(objWMI.get("productState",""))
dict_av_info["timestamp"] = str(objWMI.get("timestamp",""))
if "Windows Defender" in dict_av_info['name'] :
objWMI = run_powershell('Get-CimInstance -Namespace "root/microsoft/windows/defender" -ClassName "MSFT_MpComputerStatus"')
dict_av_info["AMProductVersion"] = str(objWMI.get("AMProductVersion",""))
dict_av_info["AntivirusEnabled"] = str(objWMI.get("AntivirusEnabled",""))
dict_av_info["AntivirusSignatureVersion"] = str(objWMI.get("AntivirusSignatureVersion",""))
if not dict_av_info["AntivirusSignatureVersion"]:
dict_av_info["AntivirusSignatureVersion"] = registry_readstring(HKEY_LOCAL_MACHINE,"SOFTWARE/Microsoft/Windows Defender/Signature Updates","AVSignatureVersion")
#TODO https://github.com/fusioninventory/fusioninventory-agent/blob/df6e8e10e498ec4d7a8a883568a8474a329dbb16/lib/FusionInventory/Agent/Task/Inventory/Win32/AntiVirus.pm#L120
if "McAfee" in dict_av_info['name'] :
pass
if "Kaspersky" in dict_av_info['name'] :
pass
if "ESET" in dict_av_info['name'] :
pass
if "McAfee" in dict_av_info['name'] :
pass
if "Avira" in dict_av_info['name'] :
pass
if "Security Essentials" in dict_av_info['name'] :
pass
if "F-Secure" in dict_av_info['name'] :
pass
if "Bitdefender" in dict_av_info['name'] :
pass
if "Norton" in dict_av_info['name'] :
pass
list_av.append(dict_av_info)
except:
raise
return list_av5a82af8a22d9363b299657aee320a0f55434438e553bd042681a8933290ee9aa : WAPT/README.md
8a7d67484ebb7a10bd8b6e1cec2c4ce7391b600c946fefbc4e8dc8cec1ac3f0c : WAPT/README_fr.md
38d056ab130f7bf7c481c12636a4e9959de36561d3dfcbe54c6e3571bc0c1dc3 : WAPT/certificate.crt
f9afb3b43d84587790653c3835bc13af1ac5b272f95cf108ff9ba9b55fa1c196 : WAPT/control
f87a212670887a0473cefbcfb6102392de93b44cf812ba8b9af33244ece1f6e2 : WAPT/icon.png
4eee1141ee0db203dfce8e5eccc1bd23bb62f83fa9ec21df96c4e7d5a4a11258 : luti.json
32e86e3727abebcc7189c13fa4f1e3d6923a3ef9cc85e8aa47d1076f0efd8a41 : setup.py