Changes for page Microsoft Defender


From version 2.1
edited by jdr
on 30.05.2022, 08:42
Change comment: There is no comment for this version
To version 3.2
edited by jdr
on 30.05.2022, 08:52
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -38,6 +38,10 @@
38 38  
39 39  == Usage ==
40 40  
41 +Once a virus signature is detected, the following message is seen:
42 +
43 +{{lightbox image="en_ms_defender_backend_upload.png"/}}
44 +
41 41  === Test file ===
42 42  
43 43  A common method to check virus scanners is the //eicar.com// file.
... ... @@ -50,6 +50,12 @@
50 50  
51 51  When a virus scan is run by Microsoft Defender's //Malware Protection Command Line Utility//, the results are written to an MpCmdRun.log file. This allows the exact command line return of the scan to be traced. Usually this log file is located in the local temp directory. For example: //C:\Users\<UserName>\AppData\Local\Temp\MpCmdRun.log//
52 52  
57 +{{formcycle/}} logs can be found for this at // /tomcat9/bin/logs.//
58 +
59 +: For example, after uploading the //eicar.com// test file, the following entry can be seen in //formcycle-errors-log //:
60 +; {{code language="shell"}} [WARN] [25-05-22 10:10:21,192] [ajp-nio-127.0.0.1-8009-exec-43] (MalwareScanner.java:211) - Scanner <fc.plugin.fc_plugin_malware_scanner_ms_defender. MsDefenderFileScanner@7b2a4953> detected malware signature for file </home/fc/tomcat9/tmp/xima-temp/formcycle7/xfc-malware-scan/stream-scan12705251110052849842/data2383296604287452271>: {stream=[Win.Test.EICAR_HDB-1]} {{code}}
61 +; {{code language="shell"}} [ERROR] [25-05-22 10:10:21,207] [ajp-nio-127.0.0.1-8009-exec-43] (VirusScannerService.java:71) - Detected a virus {{/code}}
62 +
53 53  == Version history ==
54 54  
55 55  **Version 1.0.2**
... ... @@ -62,4 +62,4 @@
62 62  
63 63  **Version 1.0.0**
64 64  
65 -* Initial release
75 +* Initial release{{/code}}