For Windows Defender, for a complete file & folder scan log report, which C++ APIs are used?

  • Question

  • For Windows Defender, for a complete file & folder scan log report, which C++ APIs are used? On MSDN they have already provided 16 APIs, but none of them gives detailed information about generating a scan log file in a local directory. By default, Windows Defender generates the logs in the Event Viewer.

    Can anybody help me out with this? All suggestions are welcome.

     
    Wednesday, September 18, 2019 6:52 AM

All replies

  • Hi,

    In MpScanStart, Type: PMPCALLBACK_INFO

    The MPCALLBACK_DATA passed back in the callback function reports actual scan state and progress-related information.

    When the type is MPNOTIFY_SCAN_COMPLETE, MPNOTIFY_SCAN_PROGRESS, etc., additional information is available via the MPSCAN_DATA structure, which contains the MPRESOURCE_INFO structure.

    What information do you want?

    Best regards,

    Jeffrey


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.



    • Edited by Jeffrey Shao Wednesday, September 18, 2019 9:43 AM
    Wednesday, September 18, 2019 9:42 AM
  • Hi Jeffrey,

    Thanks for your reply.

    I want to generate a scan log report file in a local directory with the details of the scanned files, using VC++ or C++ APIs.

    So which API should I use to generate the log file?

    Wednesday, September 18, 2019 10:39 AM
  • You need to extract information from these structures and print them into a file.

    Best regards,

    Jeffrey



    • Marked as answer by SkyReachers Thursday, September 19, 2019 5:37 AM
    Thursday, September 19, 2019 2:35 AM
  • Correct, Jeffrey.

    On the MSDN portal for Windows Defender, they haven't mentioned any direct APIs that log the Windows Defender scan log contents. I need a Windows API to which I can provide a custom directory path where it generates the log file.


    • Edited by SkyReachers Thursday, September 19, 2019 7:16 AM
    Thursday, September 19, 2019 5:37 AM
  • On the MSDN portal for Windows Defender, they haven't mentioned any direct APIs that log the Windows Defender scan log contents. I need a Windows API to which I can provide a custom directory path where it generates the log file.

    There is no option (or API) available to instruct Windows Defender to create the desired scan log in a user specified location.

    For example, take a look at the command line parameters used with mpcmdrun.exe (Configure and manage Windows Defender Antivirus with the mpcmdrun.exe command-line tool). Note that no logging options are available.

    Thursday, September 19, 2019 2:50 PM
  • Thanks RLWA32.

    Can anybody help out with the Windows Defender logs?

    How do I get the Windows Defender logs from the Event Viewer into a local application log file using VC++ and C#.NET?



    • Edited by SkyReachers Friday, September 20, 2019 11:20 AM
    Friday, September 20, 2019 11:13 AM
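
One way to do what the last post asks, in C#, as an added example that is not part of the thread and not Microsoft sample code: it reads Defender's events from the Event Viewer channel and writes them to a text file in a directory you choose. Assumptions: the channel name `Microsoft-Windows-Windows Defender/Operational`, the choice of scan event IDs 1000 to 1005 plus detection IDs 1116 and 1117, and the hypothetical default output path.

```csharp
// Added example: export Windows Defender scan events from the Event Viewer to a text file.
using System;
using System.Diagnostics.Eventing.Reader;
using System.IO;

class DefenderLogExport
{
    // Assumption: the channel Event Viewer shows under
    // Applications and Services Logs > Microsoft > Windows > Windows Defender > Operational.
    const string Channel = "Microsoft-Windows-Windows Defender/Operational";

    // Assumption: scan lifecycle events (1000-1005) plus detection (1116) and action taken (1117).
    const string XPath =
        "*[System[(EventID>=1000 and EventID<=1005) or EventID=1116 or EventID=1117]]";

    static int Main(string[] args)
    {
        // Hypothetical default path; pass a different one as the first argument.
        string outPath = args.Length > 0 ? args[0] : @"C:\Logs\defender-scan.log";
        Directory.CreateDirectory(Path.GetDirectoryName(Path.GetFullPath(outPath)));
        try
        {
            var query = new EventLogQuery(Channel, PathType.LogName, XPath);
            using (var reader = new EventLogReader(query))
            using (var writer = new StreamWriter(outPath, append: false))
            {
                int count = 0;
                for (EventRecord rec = reader.ReadEvent(); rec != null; rec = reader.ReadEvent())
                {
                    using (rec)
                    {
                        string msg = null;
                        // The rendered message can be unavailable; fall back to the raw event XML.
                        try { msg = rec.FormatDescription(); } catch (EventLogException) { }
                        // Keep one event per line so file names containing newlines cannot forge entries.
                        msg = (msg ?? rec.ToXml()).Replace("\r", " ").Replace("\n", " ");
                        writer.WriteLine("{0:o}\t{1}\t{2}\t{3}", rec.TimeCreated, rec.Id, rec.Level, msg);
                        count++;
                    }
                }
                Console.WriteLine("Wrote {0} events to {1}", count, outPath);
            }
            return 0;
        }
        catch (Exception ex) when (ex is EventLogException || ex is UnauthorizedAccessException)
        {
            // Channel missing (Defender not installed) or the caller lacks read access.
            Console.Error.WriteLine("Cannot read " + Channel + ": " + ex.Message);
            return 1;
        }
    }
}
```

On .NET Framework the `System.Diagnostics.Eventing.Reader` types are in System.Core; on .NET Core and later they come from the System.Diagnostics.EventLog package. A VC++ program can run the same query with `EvtQuery`, `EvtNext` and `EvtRender` from winevt.h.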