Windows 10: Windows Defender - Scan API vs AMSI

Discus and support Windows Defender - Scan API vs AMSI in AntiVirus, Firewalls and System Security to solve the problem; Hello, I'm using Windows Defender's legacy API to scan the output generated (fetched from various web sites) from my own application, if it's infected... Discussion in 'AntiVirus, Firewalls and System Security' started by Ahmet#K, Jul 25, 2018.

  1. AHMET#K
    Ahmet#K Win User

    Windows Defender - Scan API vs AMSI


    Hello,

    I'm using Windows Defender's legacy API to scan the output generated (fetched from various web sites) from my own application, if it's infected with malware or not.


    At first i've tried to use Windows Defender with AMSI interface but that interface doesn't provide any details about the found malware. It just gives result true or false depending on if malware found or not. But i have to report the details of malware.


    So i switched back to WD legacy api to scan malware. I'm writing my program's output to a file and scan it with WD legacy api which also provides me ThreatInfo struct that contains the all info about the detected malware.


    But whenever i write my program's output to a file WD may sometimes scan and quarantine the file before i scan. So i decided to exclude that folder from WD which also causes API to skip scanning the explicit file that i try to scan with legacy api.


    In the end i've two problems / questions:


    1) Does AMSI interface provides a technique to get details of the scanned malware?

    2) How can i prevent WD to scan my program's generated files before i scan and get it's details from WD api.


    Btw, MSDN says this is the legacy api, is there a new API to use WD?

    :)
     
    Ahmet#K, Jul 25, 2018
    #1
  2. SANTOSH_RAI
    Santosh_Rai Win User

    defender scans

    Hi Ian,

    Thanks for posting your query on Microsoft Community.

    This issue might occur if you have set any task scheduler for Windows Defender.

    I suggest you to delete the task for Windows defender and check if it helps.

    Follow the below steps:


    • Search and open Schedule tasks.

    • In the left-hand menu, open the Task Scheduler Library, then select
      Microsoft >Windows >Windows Defender.

    • Double-click Windows Defender Scheduled Scan.

    • Select the Triggers panel, then select Delete.

    Hope it helps, reply to us with the status of your issue. We will be happy to assist you.
     
    Santosh_Rai, Jul 25, 2018
    #2
  3. AVEMARIA
    avemaria Win User
    right click scan in windows defender?


    thanks for that.. i didn't notice the tutorial section :x

    I did the suggested registry change and it's now listed on the desktop context menu.. but all this does is ask if I want to open it, update, or start a scan... I was hoping for the option where you right click a specific file and it will have listed 'scan with windows defender' like other antivirus programs have.. MSE had it. I'll keep looking around to see if I can find it in the meantime..
     
    avemaria, Jul 25, 2018
    #3
  4. BRIAN CAB
    Brian Cab Win User

    Windows Defender - Scan API vs AMSI

    Windows defender custom scan does not scan external drives

    Hi Joe,

    to scan external drives using Windows Defender, follow the steps provided below.

    • Open Windows Defender.
    • Go to Settings tab.
    • Select the Advanced option.
    • tick the checkbox for Scan removable drives.

    Regards.
     
    Brian Cab, Jul 25, 2018
    #4
Thema:

Windows Defender - Scan API vs AMSI

Loading...

  1. Windows Defender - Scan API vs AMSI - Similar Threads - Defender Scan API

  2. Windows Defending scanning

    in AntiVirus, Firewalls and System Security
    Windows Defending scanning: When it comes to scanning results and scan options, they don't exactly match with what actually has been done.For example, I was scanning a map share last night on my was from Windows 10 over wi-fi connection, the scan took all night, and since it was over map share it was a...

  3. Windows defender offline scan not scanning

    in Windows 10 Software and Apps
    Windows defender offline scan not scanning: Whenever I start the defender's offline scan, it will restart my computer then show the blue screen displaying windows offline scan but after this nothing will happen and it will restart again. It will not show any progress of scan. I tried to do it in safe mode but in that...

  4. Windows defender offline scan not scanning

    in AntiVirus, Firewalls and System Security
    Windows defender offline scan not scanning: Whenever I start the defender's offline scan, it will restart my computer then show the blue screen displaying windows offline scan but after this nothing will happen and it will restart again. It will not show any progress of scan. I tried to do it in safe mode but in that...

  5. What is the Difference Between A Windows Defender Security Boot Scan vs. Full Scan?

    in AntiVirus, Firewalls and System Security
    What is the Difference Between A Windows Defender Security Boot Scan vs. Full Scan?: Guys, What is the difference between a Windows Defender Boot Scan vs. a Full Scan? Coinciding with this, what do you get with one that you don't get with the other? Thank you! Jack...

  6. How to scan for malware using McAfee through AMSI

    in AntiVirus, Firewalls and System Security
    How to scan for malware using McAfee through AMSI: We are attempting to determine whether an uploaded file Excel in this case, but could be anything contains malware. The solution is developed in C#. To determine whether AMSI is available I am calling the following only pertinent bits shown: const string EicarTestString...

  7. NcAfee vs Windows Defender

    in AntiVirus, Firewalls and System Security
    NcAfee vs Windows Defender: How do I turn off mcafee firewall and use windows defender in Windows 10 https://answers.microsoft.com/en-us/windows/forum/all/ncafee-vs-windows-defender/7175eee0-57ff-4f4a-a50a-f06ee2cad715"

  8. windows defender is not scanning

    in AntiVirus, Firewalls and System Security
    windows defender is not scanning: that shows a notification that group or resource is not in state https://answers.microsoft.com/en-us/protect/forum/protect_defender-protect_scanning-windows_10/windows-defender-is-not-scanning/e77931e3-9d2d-402b-9172-11787928475d

  9. windows defender scan

    in AntiVirus, Firewalls and System Security
    windows defender scan: since 1803 update defender only lets me do quick scan, if I click on advanced defender closes 110807

  10. Antimalware Scan Interface <> AMSI -how to disable COMPLETELY??

    in AntiVirus, Firewalls and System Security
    Antimalware Scan Interface <> AMSI -how to disable COMPLETELY??: Greetings. I'm using BitDefender Internet Security, but sometimes some internetsites are blocked by AMSI, which is part of Windows 10 Antimalware Scan Interface (Windows) How do I turn this completely off?? I have a lifetime license to Malwarebytes, and for some reasons...

Users found this page by searching for:

  1. windows defender api

    ,

  2. windows defender AMSI

    ,

  3. AMSI Defender

    ,
  4. does .net use amsi,
  5. scan file in C# using AMSI API interface,
  6. amsi windows 10,
  7. windows defender API from .net,
  8. Defender AMSI,
  9. amsi windowd defender,
  10. windows defender api download,
  11. windows defender api .net,
  12. windows defender scan file api from c#,
  13. windows defender .net api,
  14. defender AMsi windows version,
  15. windows defender api nov 2018