Powershell: Find installed Antivirus & state, filtering out Windows Defender

  antivirus, powershell, windows

I came across the basis of this script in another post here, however, I would like to take it a bit further and have been experimenting. What I am seeking to achieve is to get the name, state of the antivirus installed on the device and of course I want to filter out Windows Defender. Here is what I have so far…

The issue I have with the current code that I am not sure how to get around is that I am getting the state code for Windows Defender also.

I would greatly appreciate your advise and assistance.

clear
function Get-AntivirusName { 
[cmdletBinding()]     
param ( 
[string]$ComputerName = "$env:computername" , 
$Credential 
) 
    $wmiQuery = "SELECT * FROM AntiVirusProduct" 
    $AntivirusProduct = Get-WmiObject -Namespace "rootSecurityCenter2" -Query $wmiQuery  @psboundparameters
    [array]$AntivirusNames = $AntivirusProduct.displayName | sort -unique
    [array]$AntivirusState = $AntivirusProduct.productState | sort -unique
    $AntivirusState
    Switch($AntivirusNames) {
        {$AntivirusNames.Count -eq 0}{"Anti-Virus is NOT installed!";Continue}
        {$AntivirusNames.Count -eq 1 -and $_ -eq "Windows Defender"} {Write-host "ONLY Windows Defender is installed!";Continue}
        {$_ -ne "Windows Defender"} {"Antivirus Product(s): $_."}
   }
}
Get-AntivirusName

Source: Windows Questions

LEAVE A COMMENT