Antivirus Audit Policies

Audit policies designed to allow users to determine if an antivirus package is installed and set to a working state.

Antivirus Policies

File Description
CA_AV.audit This audit determines if CA eTrust Antivirus is installed and set to be active at boot. (Last updated January 29, 2009.)
symantec.audit This audit determines if Symantec AV Corp Edition is installed and set to be active at boot. This can be used in conjunction with Nessus NASL 21725 to determine the current version of the signatures. (Last updated August 1, 2012.)
mcafee.audit This audit determines if McAfee VirusScan is installed and set to be active at boot. This can be used in conjunction with Nessus NASL 12107 to determine the current version of the signatures. (Last updated November 12, 2008.)
norton.audit This audit determines if Norton AntiVirus or Norton Internet Security is installed and set to be active at boot. This can be used in conjunction with Nessus NASL 12106 to determine the current version of the signatures. (Last updated November 12, 2008.)
bitdefender.audit This audit determines if BitDefender AntiVirus is installed and set to be active at boot. (Last updated January 26, 2009.)
clamav.audit This audit determines if Clam AntiVirus is installed and running and also ensures that the signature updater has been configured. This .audit file is for Linux implementations of Clam AntiVirus only. (Last updated November 12, 2008.)
trend.audit This audit determines if Trend Micro OfficeScan is installed and set to be active at boot. This can be used in conjunction with Nessus NASL 16192 to determine the current version of the signatures. (Last updated June 4, 2012.)
fprotav_linux.audit This audit determines if F-PROT Anti-virus is installed and running. (Last updated February 8, 2012.)
Microsoft_Antimalware.audit This audit determines if the Antimalware component of Microsoft Endpoint Protection is installed and set to be active at boot. (Last updated July 20, 2012.)
panda.audit This audit determines if Panda 2008, 2009 or Antivirus + Firewall is installed and set to be active at boot. This can be used in conjunction with Nessus NASL 20283 to determine the current version of the signatures. (Last updated November 12, 2008.)
sophos.audit This audit determines if Sophos Anti-Virus installed and set to be active at boot. This can be used in conjunction with Nessus NASL 12215 to determine the current version of the signatures. (Last updated November 12, 2008.)
kaspersky.audit Kaspersky Anti-Virus (Audit last updated May 12, 2016)