Microsoft Defender

7.0.13+ This plugin can only be used with Xima® Formcycle version 7.0.13 or higher.

Content [ Hide ]

Functionality
Installation
Configuration
Example configuration
Usage
- Test file
- Logging

With the free Microsoft Defender plugin for Xima® Formcycle it is possible to scan uploaded files for viruses. For this purpose the plugin uses the Malware Protection Command Line Utility provided by Microsoft Defender.

Functionality

Instant virus scan: Each file is scanned immediately after it is uploaded.

In Xima® Formcycle it is possible to upload files e.g. in the form through an upload element or in the backend of Xima® Formcycle. Through this plugin the Malware Protection Command Line Utility of Microsoft Defender is addressed and a virus scan is performed on the uploaded file. If, according to Microsoft Defender, the file is a virus, an error message is displayed and an entry is added to the process log.

Installation

To ensure that the plugin is also available in all clients and forms, it is recommended to install it as a system plugin, which allows for better central administration and configuration.

Configuration

The following configuration parameters exist:

MpCmdRun-path (Required).: File path to MpCmdRun.exe or Malware Protection Command Line Utility from Microsoft Defender. Through it, a scan can take place in the file system through the command line. If this configuration is not done, an attempt is made to generate a possible file path, which is then specified in the plugin description. However, it is recommended to specify the path to MpCmdRun.exe or Malware Protection Command Line Utility itself. Possible file paths could be: C:\Program Files\Windows Defender\MpCmdRun.exe or C:\ProgramData\Microsoft\Windows Defender\Platform\<select last version>\MpCmdRun.exe
scan-timeout (Required): Allows to define the time in seconds before the scan process is stopped. After the timeout, the file will be treated as a file where a virus was found. The default value is 45 seconds.

Example configuration

Example configuration of the plugin:

Usage

Test file

A common method to check virus scanners is the eicar.com file.
For example, in the backend of Xima® Formcycle this test file can be uploaded and after successful configuration an error message can be seen.

Wikipedia
Download

Logging

When a virus scan is run by Microsoft Defender's Malware Protection Command Line Utility, the results are written to an MpCmdRun.log file. This allows the exact command line return of the scan to be traced. Usually this log file is located in the local temp directory. For example: C:\Users\<UserName>\AppData\Local\Temp\MpCmdRun.log