sftAudit -- Software Audit and Virus Scan Report Generator
sftAudit is a VBScript that logs installed software, scans for viruses, or both. The script reads two configuration files and the Windows registry to generate
an HTML software audit report for Windows workstations and servers on a network. The report lists the computer name, operating system, service pack, installed
software, versions, and highlights any restricted software. Computer names are displayed as a hyperlink to the default C$ share, providing Administrators with
a way to easily search for programs not registered. Activate the ScanForViruses option to check the registry for known virus keys/values.
Requirements
sftAudit.vbs will run and report on any Windows 2000/XP/2003 workstations and servers on a network.
Windows 9x/NT systems must have Windows Management Instrumentation (WMI) 1.5 installed. [download]
Configuring and Running the Script
It is recommended to test the script on the local system and then add more and more network devices. sftAudit.vbs must be run with Administrator or Domain Admin permissions.
The two configuration files used by the script are devices.txt and software.txt.
devices.txt lists computers on the network. List one hostname or IP address per line.
software.txt lists restricted software to highlight. List one software title per line.
The installed software and virus scan options are configured by changing the following two values in sftAudit.vbs:
InstalledSoftware = "True"
ScanForViruses = "False"
DisplayReport = "True"
Change the "True" value to "False" to deactivate the option. Change the "False" value to "True" to activate the option.
Double click sftAudit.vbs or run it using CScript.exe. The report (AuditLog.html) is automatically displayed when the script completes and is overwritten the next time the script is run.
Scan For Viruses Option
When the virus scan option is activated, the script checks the registry for known virus keys/values. The script will look for the following viruses:
W32.Blaster.Worm
Nachi, Welchia, Blaster.D
W32.Sobig.A
W32.Sobig.B
W32.Sobig.C
W32.Sobig.D
W32.Sobig.E
W32.Sobig.F
W32/Mimail@mm
W32.Fizzer.A@mm
Troubleshooting
Error: Could not connect or access WMI on DEVICE
Verify the device hostname or IP address and that it is online.
The Windows Management Instrumentation service may not be started.
sftAudit.vbs must be run with Administrator or Domain Admin permissions.
Software on the restricted list is not highlighted in the report.
Copy the software title from an existing report and then paste it into software.txt.
Copyright Disclaimer
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details http://opensource.org/licenses/gpl-license.php.