Supported Antivirus Products

The latest version of the Advanced Monitoring Agent monitors the definition updates for the following products:


Product and Version


Avast! Antivirus 7

Avast! 2014


Avira AntiVir Professional

Avira AntiVir Server



Bitdefender Client Security

Bitdefender Cloud Security

Bitdefender GravityZone Security for Endpoints

Bitdefender Security for Exchange

Bitdefender Security for Mail Servers

Bitdefender 6.2

The Bitdefender Check does not support fast ring updates.


CA eTrust Inoculan

CA eTrust inoculateIT

CA Antivirus 2009


Eset Nod32


F-Secure Antivirus (up to version 12)


GData Antivirus 2010

Engine A (Bitdefender)

Engine B (Avast)

GData Antivirus Business and Enterprise Edition (Client)

Engine A (Bitdefender)

Engine B (Avast)

GData Antivirus Enterprise 11 (Client)

Engine A (Bitdefender)

Engine B (Avast)

GData Antivirus Business 13 (Client)

Engine A (Bitdefender)

Engine B (GData)

GData Antivirus 2012

Engine A (Bitdefender)

Engine B (Avast)

GData Antivirus 2014

Engine A (Bitdefender)

Engine B (GData)


Grisoft AVG


Kaspersky Antivirus v6

Kaspersky Antivirus 7

Kaspersky Anti-virus 8.0 for Windows Servers Enterprise Edition

Kaspersky Anti-Virus v11

Kaspersky Antivirus 2011

Kaspersky Antivirus 2012

Kaspersky Antivirus 2013

Kaspersky Antivirus 2014

Kaspersky Antivirus 2015

Kaspersky Antivirus 2016

Kaspersky Antivirus 2017

Kaspersky Endpoint Security v8 for Windows for Fileservers

Kaspersky Endpoint Security for Windows Version 8.1.x

Kaspersky Endpoint Security 10

Kaspersky Enterprise Edition

Kaspersky Enterprise Edition v6

Kaspersky Security for Microsoft Exchange Server

Kaspersky Security 10

Kaspersky Small Business Edition

Managed Antivirus*

Bitdefender Engine

VIPRE Engine


McAfree Antivirus 8.8

McAfee Endpoint Security v10

McAfee GroupShield v6.0

McAfee NetShield v4.5

McAfee Security Service for Exchange

McAfee Total Protection

McAfee VirusScan v7.0

McAfee VirusScan v7.1

McAfee VirusScan v8.0

McAfee VirusScan v8.5

McAfee WebShield v4.5.1


Microsoft Forefront Client Security

Microsoft Forefront EndPoint Protection

Microsoft System Center 2012 Endpoint Protection

Microsoft Security Essentials (including V2)

Windows Defender Antivirus (from Windows 8)

Windows Defender Antispyware (pre-Windows 8)


Norton Antivirus 2007

Included as part of the Symantec Antivirus Update Check


Norman Antivirus

Norman Endpoint Protection (including v11)


Panda Security For Business

Panda Security For Business with Exchange

Panda Security For Enterprise

Panda Cloud Office Protection (including version 6)


Sophos Antivirus


Symantec Antivirus 10.1

Symantec Antivirus IntelligentUpdate

Symantec Antivirus LiveUpdate

Symantec Antivirus RapidRelease

Symantec Endpoint Protection 12.1

Symantec Endpoint Protection v14

Symantec Endpoint Protection Cloud


Trend Antivirus

Trend Micro Antivirus 2007

Trend Officescan

Conventional Scan

Smart Scan

Trend ScanMail

Trend ServerProtect

Trend Worry Free Business Security

Conventional Scan

Smart Scan

Trend Worry-Free Business Security Services


VIPRE Antivirus

VIPRE Antivirus 2012

VIPRE Antivirus 2014

VIPRE Antivirus Business

VIPRE Antivirus Business Premium v 5.0

VIPRE Enterprise Agent

VIPRE Internet Security 2012

VIPRE Internet Security 2014

VIPRE Premium


Webroot SecureAnywhere

* Managed Antivirus Engine

As part of the Managed Antivirus installation process an Antivirus Update Check is automatically added for the selected engine.

From Dashboard 6.20.2 the daily Antivirus Update Check - Managed Antivirus (Bitdefender) was replaced with a dedicated 24x7 Managed Antivirus Update Check (Bitdefender).

As the Managed Antivirus Update Check (Bitdefender) is a 24x7 Check it will not appear in the Daily or Weekly Reports.

Parallel installation of Mail Server Antivirus products with Managed Antivirus - VIPRE engine

The following Antivirus products for E-Mail Servers can now be installed and monitored in parallel with the Managed Antivirus - VIPRE engine.




Kaspersky Security for Microsoft Exchange Server


McAfee Security Service for Exchange

McAfee GroupShield

McAfee GroupShield v6.0


Trend ScanMail

Please note that in addition to the above Mail Server Antivirus products Agent 9.22 introduced the functionality to allow Managed Antivirus - VIPRE engine to install alongside - and de-activate - Windows Defender*

Product and Definition Update Notes


Products and Notes


CA eTrust

On installation the Agent will detect indicators for both definition file update mechanisms employed by CA eTrust, although only one may be active and returning data.

To reduce noise we would suggest removing the inactive Check which can be achieved from within the Agent console itself, perhaps using Test Check to identify the active component where the Daily Safety Checks have not yet run, or from the Dashboard via Checks, Delete Checkonce the results have uploaded.


Windows Defender Antivirus (from Windows 8)

In Windows 8, Windows Defender includes both an antivirus and antispyware component with the Windows Defender AntivirusCheck monitoring both elements.

Windows Defender Antispyware (Pre-Windows 8)

In pre-Windows 8 Operating Systems, Windows Defender only contained an antispyware component which is monitored by the Windows Defender Antispyware Check.

* Please note, Agent 9.22 introduced the functionality to allow Managed Antivirus to install alongside - and de-activate - Windows Defender. This functionality utilizes technology included in the Competitor Antivirus Removal Tool (CART) and as such CART must be enabled on the device in order to allow Managed Antivirus to install in parallel with Windows Defender.


Symantec Endpoint Protection

Although the Symantec Endpoint Protection's Management Console may be installed on the server, this does not automatically install the Symantec Endpoint Protection Client on the device.

As such it may be necessary to install the Client as well as the Management Console onto the machine for protection and monitoring.


Trend OfficeScan and Trend Worry Free Antivirus

Both Trend Officescan and Trend Worry-Free Business Security have two scanning engines, Conventional Scan and Smart Scan with dedicated Checks for each engine per product, although only one may be active and returning data.

Trend OfficeScan

When installing an Agent on a server or workstation running Trend Officescan, a

Trend Officescan Conventional Scan


is automatically added as this is the default scanning engine for the product.

If you wish to monitor the SmartScan engine this may be achieved by manually selecting the Trend Officescan Smart Scan Check either in the Agent or via Dashboard Controls

Trend Worry Free Antivirus

When installing an Agent on a server or workstation running Trend Worry-Free Business Security, a

Trend Worry-Free Business Security Smart Scan Check

is automatically added, as this is the default scanning engine for this product, as well as a

Trend Worry-Free Business Security Conventional Scan Check

where detected.

Where you wish to remove either check this can be achieved either in the Agent or via Dashboard Controls

Renamed Checks from Agent 8.2.4

To take account of these update mechanism the Trend OfficeScan and Worry Free Antivirus Checks were renamed in Agent 8.2.4:

< 8.2.4

8.2.4 +

Trend Officescan Check

Trend Officescan Conventional Scan Check

Trend Worry-Free Business Security Check

Trend Worry-Free Business Security Smart Scan Check


Webroot SecureAnywhere

For this Check the Agent queries the update indicator of the local device to determine the time of the last update, as there are no local signature definition updates for the Webroot SecureAnywhere Agent

Where the update time is outside of the entered Number of days out-of-date threshold the Check is recorded as failed. For this Check Always when out-of-date will trigger a failure where an update has not taken place in the preceding 24 hours.

Please note as the Check queries a time entry (rather than a local definition file indicator) it could potentially lead to a false positive where no updates have been released by Webroot (and subsequently downloaded to the Webroot SecureAnywhere Agent) in the monitored period.

Custom Checks

Where the Antivirus product you wish to monitor is not currently supported a custom check can be added to monitor its status.

Event Log Check

If the Antivirus product writes its update information to the Windows Event Log the Event Log Check may be used to determine whether the definition files are currently up-to-date..


There is also the option to author a custom script to monitor the status of the Antivirus product, perhaps querying its native log files for this information.

For workstations we have included a Security Center script which queries the Windows Security Center to determine whether the product is out-of-date or not (where the product writes its status to the Windows Security Center).