Microsoft Security Essentials and Defender
Revision as of 13:24, 30 March 2018 by Michael.mast (talk | contribs) (→Text output for email reporting)
Text output for email reporting
For receiving email reports, I followed the steps outlined in the following blog. It saved me a lot of time. Let Microsoft servers report on Microsoft issues I say![1] [2][3]
wevtutil qe ForwardedEvents "/q:*[System[(EventID=1116)]]" /f:text /rd:true /c:1
Event IDs
- 1116 : MALWAREPROTECTION_STATE_MALWARE_DETECTED
- 1117 : MALWAREPROTECTION_STATE_MALWARE_ACTION_TAKEN
- 1118 : MALWAREPROTECTION_STATE_MALWARE_ACTION_FAILED
- 1119 : MALWAREPROTECTION_STATE_MALWARE_ACTION_CRITICALLY_FAILED
- 5001 : MALWAREPROTECTION_RTP_DISABLED