Deutsch | English | Español | Français |
Italiano | 日本語 | 한국어 | Português |
Pусский | 简体中文 | 繁體中文 |
This is a class that represents the current detailed state of a threat
The following syntax is simplified from Managed Object Format (MOF) code and includes all of the inherited properties.
Syntax
class MSFT_MpThreatDetection : BaseStatus
{
string DetectionID;
sint64 ThreatID;
string ProcessName;
string DomainUser;
uint8 DetectionSourceTypeID;
string Resources[];
DateTime InitialDetectionTime;
DateTime LastThreatStatusChangeTime;
DateTime RemediationTime;
uint8 CurrentThreatExecutionStatusID;
uint8 ThreatStatusID;
sint32 ThreatStatusErrorCode;
uint8 CleaningActionID;
string AMProductVersion = tatusID;
boolean ActionSuccess = false;
Uint32 AdditionalActionsBitMask;
};
Members
The MSFT_MpThreatDetection class has these types of members:
Properties
The MSFT_MpThreatDetection class has these properties.
- ActionSuccess
-
- Data type: boolean
- Access type: Read-only
Specifies if the cleaning action was successful
- AdditionalActionsBitMask
-
- Data type: Uint32
- Access type: Read-only
Additional actions required to complete remediation - Enumeration
- None (0)
- FullScanRequired (4)
- RebootRequired (8)
- FullScanAndRebootRequired (12)
- ManualStepsRequired (16)
- FullScanAndManualStepsRequired (20)
- RebootAndManualStepsRequired (24)
- FullScanAndRebootAndManualStepsRequired (28)
- OfflineScanRequired (32768)
- FullScanAndOfflineScanRequired (32772)
- RebootAndOfflineScanRequired (32776)
- FullScanAndRebootAndOfflineScanRequired (32780)
- ManualStepsAndOfflineScanRequired (32784)
- FullScanAndManualStepsAndOfflineScanRequired (32788)
- RebootAndManualStepsAndOfflineScanRequired (32792)
- FullScanAndRebootAndManualStepsAndOfflineScanRequired (32796 )
- AMProductVersion
-
- Data type: string
- Access type: Read-only
Product version (major, minor, build, revision)
- CleaningActionID
-
- Data type: uint8
- Access type: Read-only
The cleaning action - Enumeration
- CurrentThreatExecutionStatusID
-
- Data type: uint8
- Access type: Read-only
Execution Status ID - Enumeration
- DetectionID
-
- Data type: string
- Access type: Read-only
- Qualifiers: Key
Unique Detection ID
- DetectionSourceTypeID
-
- Data type: uint8
- Access type: Read-only
Detection Source Type ID - Enumeration
- DomainUser
-
- Data type: string
- Access type: Read-only
The user who requested remediation
- InitialDetectionTime
-
- Data type: DateTime
- Access type: Read-only
The initial threat detection time
- LastThreatStatusChangeTime
-
- Data type: DateTime
- Access type: Read-only
The most recent time of the threat status change
- ProcessName
-
- Data type: string
- Access type: Read-only
The name of the process involved
- RemediationTime
-
- Data type: DateTime
- Access type: Read-only
The time of the remediation.
- Resources
-
- Data type: string array
- Access type: Read-only
List of resources affected by the detection
- ThreatID
-
- Data type: sint64
- Access type: Read-only
- Qualifiers: Key
Unique Threat ID
- ThreatStatusErrorCode
-
- Data type: sint32
- Access type: Read-only
The threat status error code
- ThreatStatusID
-
- Data type: uint8
- Access type: Read-only
The Threat Status ID - Enumeration
Requirements
Minimum supported client | Windows 8.1 [desktop apps only] |
---|---|
Minimum supported server | Windows Server 2012 R2 [desktop apps only] |
Namespace |
Root\Microsoft\Windows\Defender |
MOF |
|
DLL |
|