Event ID: 1116

  • Article

Event ID 1116 — Forefront Endpoint Protection Client

This event is logged in the System log.

Details

Product

Microsoft Malware Protection

ID

1116

Source

Microsoft Antimalware

Version

3.0

Symbolic Name

MALWAREPROTECTION_MALWARE_DETECTED

Message

Forefront Endpoint Protection has detected malware or other potentially unwanted software.

For more information, see Microsoft Malware Protection Center (https://go.microsoft.com/fwlink/?linkid=158117&threatid=4294967289)

  • Name: <Threat name>

  • ID: <Threat ID>

  • Severity: Low, Medium, High, Severe

  • Category: <Category description>

  • Path: <Path>

  • Detection Origin: Unknown, Local computer, Network share, Internet, Incoming traffic, Outgoing traffic

  • Detection Type: Heuristics, Generic, Concrete, Dynamic Signature

  • Detection Source: User, System, Real-time protection, IE Downloads and Outlook Express Attachments, Network Inspection System, Browser Help Object

  • User: <Remediation User Name>

  • Process Name: <Process in the PID>

  • Signature Version: <Definition version>

  • Engine Version: <Antimalware Engine version>

Explanation

The Forefront Endpoint Protection scan detected a virus.

User Action

No user action is required. Forefront Endpoint Protection can suspend and take routine action on this threat. To remove the virus manually, in the Forefront Endpoint Protection interface, click Clean Computer.