I think I have a download posted - VBscript that queries remote computers and gives a list of the results.......
Check the downloads tab - - if not, I'll get it posted. "Is it installed" is the name or something like that. Can be used for SEP or pretty much anything that shows up in the installed apps list in Windows.
It's SLICK.
I also have a script that runs in the login script here at work that queries the service to see if it's present and started.
This needs tweaking and serious clean-up, but works in the login script and sends me an email if something is amiss...
' Symantec Verification Script
' Bill Dickerson
' Iowa Vocational Rehabilitation Services
' Verifies Symantec Endpoint Protection process is running.
' Updated Exchange server IP to reflect ITE server, Bill Dickerson 4-1-08
' -------------------------------
On Error Resume Next
Dim oWSH, objNet, wmiRoot, wmiColl, wmiObj, vbCRLF
Dim sParentServer, sClientGroup, sVirusEngine, sRegPath, sComputerName, sErrorMsg3''Strings
Dim bFoundNavProc, bFoundNavRegVals, u1
Dim oDict 'Dictionary Object for Registry Values
vbCRLF = Chr(13) & Chr(10)
'==================================
'Constants
Const cEmailServer = "165.xxx.xxx.xxx" 'Name of Exchange Server to send email through
Const cSendTo = "bill.myemail"
'Const cSendTo = "theiremailaddy"
Const cMailFrom = """AntiVirus"" <antivirus.problem@iowa.gov>"
Const cdoNTLM = 2 'NTLM for email server authentication before sending mail
Const iSleepTime = 180000 '50 seconds
'Initialize Error Message Variable
sErrorMsg3 = ""
'Sleep for 50 seconds to allow the user to log in and SEP to start
'WScript.Echo "Sleeping for 50 seconds"
WScript.Sleep(iSleepTime)
'WScript.Echo "OK, I'm awake now!"
' Create Objects
Set oWSH = WScript.CreateObject("Wscript.Shell")
Set oDict = WScript.CreateObject("Scripting.Dictionary")
Set wmiRoot = GetObject("WinMgmts:root/cimv2")
Set objNet = CreateObject("WScript.NetWork")
u1 = objNet.UserName
'Finds SEP service, see if it's "Running" (case is important)
Set objWMI = GetObject("winmgmts:\\.\root\cimv2")
'Determine if SEP is Running
Set colServices2 = objWMI.ExecQuery("SELECT State, StartMode FROM Win32_Service WHERE Name='Symantec Endpoint Protection'")
For Each objService In colServices2
strState2 = objService.State
If strState2 = "Running" Then
' WScript.Echo strState2
sErrorMsg3 = ""
Else
' WScript.Echo strState2
sErrorMsg3 = "SEP is not running."
End If
Next
'Get Computer Name
Set wmiColl = wmiRoot.ExecQuery("Select Name FROM Win32_ComputerSystem")
For Each wmiObj In wmiColl
sComputerName = wmiObj.Name
Next
If sErrorMsg3 <> "" Then ' if SEP service is not running - send mail
' **** Send Email About This Computer ***''
Set objMessage = CreateObject("CDO.Message")
' WScript.Echo "AntiVirus Error(s) found. Sending Email To Admin"
objMessage.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
objMessage.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = cEmailServer
objMessage.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
objMessage.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") =cdoNTLM
objMessage.Configuration.Fields.Update
objMessage.Subject = "Symantec Endpoint Protection error on " & sComputerName
objMessage.From = cMailFrom
objMessage.To = cSendTo
objMessage.TextBody = "The following error(s) were found on " & sComputerName & ":" & sErrorMsg3 & vbCrlf & vbCrlf & "From user: " & u1
objMessage.Send
End If