使用Windows Defender API,我正在尝试扫描文件夹上的恶意软件。在我编写代码的文档之后:
MPRESOURCE_INFO ResourceInfo = { 0 };
MPSCAN_RESOURCES ScanResource = { 0 };
PMPRESOURCE_INFO ResourceInfoArray = NULL;
...
ResourceInfo.Scheme = L"dir";
ResourceInfo.Path = L"C:\\temp";
ResourceInfo.Class = 0;
// ResourceInfoArray was Allocated before
*ResourceInfoArray = ResourceInfo;
ScanResource.dwResourceCount = 1;
ScanResource.pResourceList = ResourceInfoArray;
// Opened hMpManager before using MpScanStart
hRetval = MpScanStart(hMpManager, MPSCAN_TYPE_RESOURCE, 0, &ScanResource, NULL, &ScanHnadle);
我从中收到一条错误消息:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
但是,如果我将 ResourceInfo 定义更改为:
ResourceInfo.Scheme = L"file";
ResourceInfo.Path = L"C:\\temp\\MyFile.exe";
ResourceInfo.Class = 0;
它工作得很好,以正确的方式检测文件。归根结底-代码适用于文件,但不适用于目录。有谁知道我在目录搜索中做错了什么?