Microsoft Antimalware Engine Spyware Removal
Applies To: Windows Server 2008 R2
During a Windows Defender scan, the Microsoft Antimalware Engine quarantines or removes any spyware or potentially unwanted software detected on the computer. When spyware or other potentially unwanted software is quarantined, it is moved to an isolated folder on the computer.
As new definitions are released, items in quarantine can be scanned again to see if the spyware or other potentially unwanted software can be cleaned and released from quarantine. When spyware or other potentially unwanted software is removed, it is deleted from the computer.
Events
| Event ID | Source | Message |
|---|---|---|
Microsoft-Windows-Windows Defender |
%1 scan has detected spyware or other potentially unwanted software. For more information please see the following: %15 %tScan ID:%b%3 %tScan Type:%b%5 %tScan Parameters:%b%7 %tUser:%b%8\%9 %tName:%b%11 %tID:%b%12 %tSeverity ID:%b%13 %tCategory ID:%b%14 %tPath Found:%b%16 %tDetection Type: %b%22 |
|
Microsoft-Windows-Windows Defender |
%1 has taken action to protect this machine from spyware or other potentially unwanted software. For more information please see the following: %15 %tScan ID:%b%3 %tScan Type:%b%5 %tUser:%b%8\%9 %tName:%b%11 %tID:%b%12 %tSeverity ID:%b%13 %tCategory ID:%b%14 %tAction:%b%20 |
|
Microsoft-Windows-Windows Defender |
%1 has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: %15 %tScan ID:%b%3 %tScan Type:%b%5 %tUser:%b%8\%9 %tName:%b%11 %tID:%b%12 %tSeverity ID:%b%13 %tCategory ID:%b%14 %tPath:%b%16 %tAction:%b%20 %tError Code:%b%21 %tError description:%b%22 |
|
Microsoft-Windows-Windows Defender |
%1 has restored an item from quarantine. For more information please see the following: %15 %tName:%b%11 %tID:%b%12 %tSeverity ID:%b%13 %tCategory ID:%b%14 %tUser:%b%8\%9 |
|
Microsoft-Windows-Windows Defender |
%1 has encountered an error trying to restore an item from quarantine. For more information please see the following: %15 %tName:%b%11 %tID:%b%12 %tSeverity ID:%b%13 %tCategory ID:%b%14 %tUser:%b%8\%9 %tError Code:%b%3 %tError description:%b%4 |