Powershell – How to detect when Antivirus is out-of-date with Powershell

powershell

Is it possible to use powershell to determine if/when the antivirus was last updated on a Win7 or Win2008 Server machine?

Best Answer

This is dependent on the Anti-Virus software:

Does it provide logging you could parse?
Does it provide a programmatic notification of being "out of date"?
Does it provide an administrative API?

If the software logs definition/engine updates to the Windows event log you could look for the most recent update, and see when that happened. E.g. with Microsoft Security Essentials in Windows 7, this will tell me the date/time of the most recent definition update (Get-EventLog returns events in order from the event log, so the first match is the most recent):

(get-eventlog -LogName system -Source "Microsoft-Windows-WindowsUpdateClient" -InstanceId 19 |
?{$_.Message -match "Microsoft Security Essentials"} | select -first 1).TimeGenerated

Clearly the details will vary by OS and AV package.

Related Solutions

Powershell – New-QADUser CmdLet not adding UserPrincipalName when called in PowerShell

I think the problem was the fact that we are using Exchange 2007 which does not use RUS. When I used the Exchange 2007 CmdLets to do the same thing everything is working correctly.

Powershell – How to determine 32 or 64 bit version of Windows Server 2008 using Powershell

Or try this:

PS C:\Users\jeffh> $os=Get-WMIObject win32_operatingsystem
PS C:\Users\jeffh> $os.OSArchitecture
64-bit

Found at: http://msgoodies.blogspot.com/2008/05/is-this-powershell-session-32-bit-or-64.html

Best Answer

Related Solutions

Powershell – New-QADUser CmdLet not adding UserPrincipalName when called in PowerShell

Powershell – How to determine 32 or 64 bit version of Windows Server 2008 using Powershell

Related Topic