Event ID: 1117
Event ID 1117 — Forefront Endpoint Protection Client
This event is logged in the System log.
Details
Product |
Microsoft Malware Protection |
ID |
1117 |
Source |
Microsoft Antimalware |
Version |
3.0 |
Symbolic Name |
MALWAREPROTECTION_MALWARE_ACTION_TAKEN |
Message |
Forefront Endpoint Protection has taken action to protect this machine from malware or other potentially unwanted software.
For more information, see the following:
- Name: <Threat name>
- ID: <Threat ID>
- Severity: Low, Medium, High, Severe
- Category: <Category description>
- Path: <Path>
- Detection Origin: Unknown, Local machine, Network share, Internet, Incoming traffic, Outgoing traffic
- Detection Type: Heuristics, Generic, Concrete, Dynamic Signature
- Detection Source: User, System, Real-time protection, IE Downloads and Outlook Express Attachments, Network Inspection System, Browser Help Object
- User: <Remediation User Name>
- Process Name: <Process in the PID>
- Action: Remove, Clean, Quarantine, Allow, Not Applicable
- Action Status: <Description of additional actions>
- Signature Version: <Definition version>
- Engine Version: <Antimalware Engine version>
|
Explanation
Forefront Endpoint Protection took action on a virus. This event is logged after action is taken within Forefront Endpoint Protection.
User Action
No user action is necessary.