Windows 10: windows defender - event log description

Hi ,


I have a concern regarding the windows event viewer Microsoft-Windows-Windows Defender/Operational.

How to fetch the current signature version alone for the defender event id 2000 .


I have written a code below


LPWSTR pwsPath = L"Microsoft-Windows-Windows Defender/Operational";

//<xpath query goes here>

LPWSTR pwsQuery = L"*[System/EventID=2000]";
EVT_HANDLE hResults = NULL;
hResults = EvtQueryNULL, pwsPath, pwsQuery, EvtQueryChannelPath EvtQueryReverseDirection;
if NULL == hResults
{
EvtSeekhResults, 0, NULL, 0, EvtSeekRelativeToCurrent;
}


this will display all the details of eventid 2000 , I need only the current signature version of the latest event event id :2000


how to write the pwsQuery to obtain the required result

:)

 

Windows Defender notification of malware detection

Hello,

Thank you for keeping us posted and we appreciate your continued patience on this issue.

At this point, I suggest you to update the Windows Defender program and check if it helps.

To check for new Windows Defender definitions manually:

• Open Windows Defender.
• Click the arrow next to the Help button, and then click Check for updates. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

Also, check if the detection is of the same malware file or not. Again, see if it is any specific program or a file you try to access which triggers the detection.

Additionally, view the log in Event Viewer to check if the malware is removed every time it is prompted.

To open the Event Viewer. To do so, follow the below steps.

• Go to the Control Panel and choose to click on the
  Administrative Tools icon.
• The above action will open up a new window of the Administrative Tools where you will see the
  Event Viewer.
  

You can view Windows Defender "Operational" events in Event Viewer under Applications and Services Logs -> Microsoft -> Windows -> Windows Defender.

Kindly keep us posted, for us to be able to assist you further.

Thank you.

 

Windows Defender Fails Malware Test

hmm i've been running windows defender for a few months now, but no problems yet. most likely because i'm careful online (ff, no html emails, only trusted sites, etc). windows defender does have some annoying things with it tho (like not telling you what spyware/ problem it found, but logging it in event viewer with some cryptic id or sommat). i need to find a new proggie soon.

 

Location of Windows Defender events saved in Event Viewer

In this https://docs.microsoft.com/en-us/wi...virus/troubleshoot-windows-defender-antivirus.
According to the the mentioned link the generated events should be displayed at the following location in the Event Viewer:- Application and Services Logs/Microsoft/Windows/Windows Defender Antivirus/Operational.

But on performing actions, Events are getting stored at this location in the event viewer:- Application and Services Logs/Microsoft/Windows/Windows Defender/Operational.

How can I get Microsoft Windows Defender Antivirus folder at this location:- Application and Services Logs/Microsoft/Windows in the event viewer. So that events start getting stored at this location:- Application and Services Logs/Microsoft/Windows/Windows
Defender Antivirus/Operational.

***Original title: Microsoft Defender Antivirus***