PowerShell: Check which AV is installed

<#
.SYNOPSIS
Checks installed antivirus, antispyware, and firewall products on Windows.

.DESCRIPTION
Queries Windows Security Center (root\SecurityCenter2) to detect
all registered security products and their status.
Works on Windows 8, 10, 11, and Server 2016+.

#>

# Banner so the operator can tell where this script's output begins.
Write-Host -ForegroundColor Cyan -Object '=== Security Product Detection Script ==='

# Define a helper function

function Get-SecurityProducts {
    <#
    .SYNOPSIS
    Lists the products of one category registered with Windows Security Center.

    .DESCRIPTION
    Reads the matching class from the root\SecurityCenter2 CIM namespace and
    projects each instance to Type, displayName, pathToSignedProductExe,
    productState and timestamp.

    An unrecognised category produces no output. A failed query prints a
    yellow notice and returns an empty array instead of throwing.

    NOTE(review): these records are whatever each product registered with
    Security Center, so treat them as an inventory hint rather than proof that
    protection is active. The namespace is generally absent on Windows Server
    editions, which would land in the catch branch below; confirm on the
    target OS.

    .PARAMETER ProductType
    "Antivirus", "Antispyware" or "Firewall" (case-insensitive).
    #>
    param (
        [string]$ProductType
    )

    # Category name -> Security Center class. Anything else is ignored silently.
    $classByType = @{
        'antivirus'   = 'AntiVirusProduct'
        'antispyware' = 'AntiSpywareProduct'
        'firewall'    = 'FirewallProduct'
    }

    $requested = $ProductType.ToLower()
    if (-not $classByType.ContainsKey($requested)) {
        return
    }
    $wmiClass = $classByType[$requested]

    try {
        # -ErrorAction Stop turns a missing namespace or access denial into a
        # terminating error so the catch block can report it.
        $registered = Get-CimInstance -Namespace 'root\SecurityCenter2' -ClassName $wmiClass -ErrorAction Stop
    }
    catch {
        Write-Host "Unable to query $ProductType products (may require admin rights or not supported on this OS)." -ForegroundColor Yellow
        return @()
    }

    # Calculated column that tags every row with the category that was asked for.
    $typeColumn = @{ Name = 'Type'; Expression = { $ProductType } }
    $registered | Select-Object -Property $typeColumn, displayName, pathToSignedProductExe, productState, timestamp
}

# Query all three product types

# Collect every registered product, one Security Center category at a time.
$allProducts = @()
foreach ($category in 'Antivirus', 'Antispyware', 'Firewall') {
    $allProducts += Get-SecurityProducts -ProductType $category
}

# Nothing registered (or every query failed): report it and stop here.
if ($allProducts.Count -eq 0) {
    Write-Host 'No registered security products found.' -ForegroundColor Red
    exit
}

# Decode productState for antivirus products

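function Decode-ProductState {
    <#
    .SYNOPSIS
    Translates a Security Center productState value into "Enabled",
    "Disabled" or "Unknown".

    .DESCRIPTION
    productState has no official documentation. Under the commonly used
    community decoding, the value written as six hex digits reads PPSSDD:
    PP = provider type, SS = product state, DD = signature (definition) state.
    The on/off flag is bit 0x1000, in the SS byte. Matching the trailing hex
    digits instead inspects DD, which reports an enabled product with current
    signatures as "Unknown".

    Only the on/off flag is decoded here; signature freshness and any
    snoozed/expired sub-state are not reported. Because the layout is
    undocumented and the value is self-reported by the product, confirm a
    result that matters with the product's own status interface (for
    Microsoft Defender, Get-MpComputerStatus).

    .PARAMETER state
    The productState integer taken from a SecurityCenter2 product instance.

    .OUTPUTS
    System.String: "Enabled", "Disabled", or "Unknown" for a zero or negative
    value.
    #>
    param([int]$state)

    # Zero or negative carries no usable flags.
    if ($state -le 0) {
        return 'Unknown'
    }

    # Bit 0x1000 set -> the product reports itself as switched on.
    if (($state -band 0x1000) -ne 0) {
        return 'Enabled'
    }

    return 'Disabled'
}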

# Display results neatly

# Print one short record per registered product.
foreach ($product in $allProducts) {
    # A missing or zero productState cannot be decoded; show it as Unknown.
    if ($product.productState) {
        $status = Decode-ProductState $product.productState
    }
    else {
        $status = 'Unknown'
    }

    Write-Host "[$($product.Type)] $($product.displayName)" -ForegroundColor Green
    Write-Host " Path: $($product.pathToSignedProductExe)"
    Write-Host " Status: $status"
    Write-Host " Last Updated: $($product.timestamp)"
    Write-Host ''
}

<#
.SYNOPSIS
Checks installed antivirus, antispyware, and firewall products on Windows.

.DESCRIPTION
Queries Windows Security Center (root\SecurityCenter2) to detect
all registered security products and their status.
Works on Windows 8, 10, 11, and Server 2016+.

#>

# Banner so the operator can tell where this script's output begins.
Write-Host -ForegroundColor Cyan -Object '=== Security Product Detection Script ==='

# Define a helper function

function Get-SecurityProducts {
    <#
    .SYNOPSIS
    Lists the products of one category registered with Windows Security Center.

    .DESCRIPTION
    Reads the matching class from the root\SecurityCenter2 CIM namespace and
    projects each instance to Type, displayName, pathToSignedProductExe,
    productState and timestamp.

    An unrecognised category produces no output. A failed query prints a
    yellow notice and returns an empty array instead of throwing.

    NOTE(review): these records are whatever each product registered with
    Security Center, so treat them as an inventory hint rather than proof that
    protection is active. The namespace is generally absent on Windows Server
    editions, which would land in the catch branch below; confirm on the
    target OS.

    .PARAMETER ProductType
    "Antivirus", "Antispyware" or "Firewall" (case-insensitive).
    #>
    param (
        [string]$ProductType
    )

    # Category name -> Security Center class. Anything else is ignored silently.
    $classByType = @{
        'antivirus'   = 'AntiVirusProduct'
        'antispyware' = 'AntiSpywareProduct'
        'firewall'    = 'FirewallProduct'
    }

    $requested = $ProductType.ToLower()
    if (-not $classByType.ContainsKey($requested)) {
        return
    }
    $wmiClass = $classByType[$requested]

    try {
        # -ErrorAction Stop turns a missing namespace or access denial into a
        # terminating error so the catch block can report it.
        $registered = Get-CimInstance -Namespace 'root\SecurityCenter2' -ClassName $wmiClass -ErrorAction Stop
    }
    catch {
        Write-Host "Unable to query $ProductType products (may require admin rights or not supported on this OS)." -ForegroundColor Yellow
        return @()
    }

    # Calculated column that tags every row with the category that was asked for.
    $typeColumn = @{ Name = 'Type'; Expression = { $ProductType } }
    $registered | Select-Object -Property $typeColumn, displayName, pathToSignedProductExe, productState, timestamp
}

# Query all three product types

# Collect every registered product, one Security Center category at a time.
$allProducts = @()
foreach ($category in 'Antivirus', 'Antispyware', 'Firewall') {
    $allProducts += Get-SecurityProducts -ProductType $category
}

# Nothing registered (or every query failed): report it and stop here.
if ($allProducts.Count -eq 0) {
    Write-Host 'No registered security products found.' -ForegroundColor Red
    exit
}

# Decode productState for antivirus products

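function Decode-ProductState {
    <#
    .SYNOPSIS
    Translates a Security Center productState value into "Enabled",
    "Disabled" or "Unknown".

    .DESCRIPTION
    productState has no official documentation. Under the commonly used
    community decoding, the value written as six hex digits reads PPSSDD:
    PP = provider type, SS = product state, DD = signature (definition) state.
    The on/off flag is bit 0x1000, in the SS byte. Matching the trailing hex
    digits instead inspects DD, which reports an enabled product with current
    signatures as "Unknown".

    Only the on/off flag is decoded here; signature freshness and any
    snoozed/expired sub-state are not reported. Because the layout is
    undocumented and the value is self-reported by the product, confirm a
    result that matters with the product's own status interface (for
    Microsoft Defender, Get-MpComputerStatus).

    .PARAMETER state
    The productState integer taken from a SecurityCenter2 product instance.

    .OUTPUTS
    System.String: "Enabled", "Disabled", or "Unknown" for a zero or negative
    value.
    #>
    param([int]$state)

    # Zero or negative carries no usable flags.
    if ($state -le 0) {
        return 'Unknown'
    }

    # Bit 0x1000 set -> the product reports itself as switched on.
    if (($state -band 0x1000) -ne 0) {
        return 'Enabled'
    }

    return 'Disabled'
}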

# Display results neatly

# Print one short record per registered product.
foreach ($product in $allProducts) {
    # A missing or zero productState cannot be decoded; show it as Unknown.
    if ($product.productState) {
        $status = Decode-ProductState $product.productState
    }
    else {
        $status = 'Unknown'
    }

    Write-Host "[$($product.Type)] $($product.displayName)" -ForegroundColor Green
    Write-Host " Path: $($product.pathToSignedProductExe)"
    Write-Host " Status: $status"
    Write-Host " Last Updated: $($product.timestamp)"
    Write-Host ''
}
