How to configure antivirus configuration XML file for secure restore

KB ID:
3132
Product:
Veeam Backup & Replication
Version:
10
Published:
Last Modified:
2020-05-08

Challenge

Veeam Backup & Replication allows you to perform the secure restore — scan machine data with antivirus software before restoring the machine to the production environment. The antivirus software that you plan to use for scanning backups is described in the AntivirusInfos.xml file. Ensure that it is properly configured.

The settings in the file are already predefined for the following antivirus software (see more details):

NOTE: If you are using other antivirus software, contact antivirus support to get the required properties. Mind that the antivirus software must support the command-line interface (CLI).

Cause

If you want to scan machine data with other antivirus software, add settings for this software to the antivirus configuration file. Mind that the antivirus software must support the command-line interface (CLI).

Solution

  1. Browse to the mount server role and open the AntivirusInfos.xml file in the %ProgramFiles%\Common Files\Veeam\Backup and Replication\Mount Service folder.
  2. Add mandatory attributes:
    • AntivirusInfo Name
    • IsPortableSoftware
    • ExecutableFilePath
    • CommandLineParameters
    • RegPath
    • ServiceName
    • ThreatExistsRegEx
    • IsParallelScanAvailable
    <AntivirusInfo Name='Windows Defender' IsPortableSoftware='false' ExecutableFilePath='%ProgramFiles%\Windows Defender\mpcmdrun.exe' CommandLineParameters='-Scan -ScanType 3 -File %Path% -DisableRemediation -BootSectorScan' RegPath='HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend' ServiceName='WinDefend' ThreatExistsRegEx='Threat\s+information' IsParallelScanAvailable='false'>
         <ExitCodes>
            <ExitCode Type='Success' Description='No threats detected'>0</ExitCode>
            <ExitCode Type='Error' Description='Antivirus scan was completed with errors'>2</ExitCode>
            <ExitCode Type='Infected' Description='Virus threat was detected'>2</ExitCode>
         </ExitCodes>
      </AntivirusInfo>
  3. Add desired exit codes.
  4. Make sure the restore functionality works correctly.

Rate the quality of this KB article: 
5 out of 5 based on 1 ratings

Couldn't find what you were looking for?

Below you can submit an idea for a new knowledge base article.

Report a typo on this page:

Please select a spelling error or a typo on this page with your mouse and press CTRL + Enter to report this mistake to us. Thank you!

Spelling error in text:

Submit