Event ID: 1119

  • Article

Applies To: Forefront Endpoint Protection

Event ID 1119 — Forefront Endpoint Protection Client

Details

Product

Microsoft Malware Protection

ID

1119

Source

Microsoft Antimalware

Version

3.0

Symbolic Name

MALWAREPROTECTION_MALWARE_ACTION_FAILED

Message

Forefront Endpoint Protection client has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following: https://go.microsoft.com/fwlink/?linkid=158117&threatid=4294967289

  1. Name: <Threat name>

  2. ID: <Threat ID>

  3. Severity: Low, Medium, High, Severe

  4. Category: Exploit, Test, Vulnerability, Policy

  5. Path: <Path>

  6. Detection Origin: Unknown, Local machine, Network share, Internet, Incoming traffic, Outgoing traffic

  7. Detection Type: Heuristics, Generic, Concrete, Dynamic Signature

  8. Detection Source: User, System, Real-time protection, IE Downloads and Outlook Express Attachments, Network Inspection System, Browser Help Object

  9. User: <Remediation User Name>

  10. Process Name: <Process in the PID>

  11. Action: Remove, Clean, Quarantine, Allow, Not Applicable

  12. Action Status: <Description of additional actions>

  13. Error Code: <Error code>

  14. Error Description: <Error description>

  15. Signature Version: <Signature version>

  16. Engine Version: <Antimalware Engine version>

Explanation

Forefront Endpoint Protection client has received this error due to critical issues. The computer may not be protected.

User Action

Action User Action

Remove

Perform a signature update and then verify that the quarantine succeeded.

Clean

Perform a signature update and then verify that the quarantine succeeded.

Quarantine

Perform a signature update and verify that the user has permission to access the necessary resources.

Allow

Verify that the user has permission to access the necessary resources.