1 | This is an abstract class that shows the base status. |
This is an abstract class that shows the base status. |
2 | Computer ID created by MAPS |
Computer ID created by MAPS |
3 | The current computer state |
The current computer state |
4 | CleanState |
CleanState |
5 | PendingFullScan |
PendingFullScan |
6 | PendingReboot |
PendingReboot |
7 | PendingManualSteps |
PendingManualSteps |
8 | PendingOfflineScan |
PendingOfflineScan |
9 | CriticalFailure |
CriticalFailure |
10 | Product version (major, minor, build, revision) |
Product version (major, minor, build, revision) |
11 | Service version (major, minor, build, revision) |
Service version (major, minor, build, revision) |
12 | The Antispyware Signature version (major, minor, build, revision) |
The Antispyware Signature version (major, minor, build, revision) |
13 | Antispyware Signature age in days - if signatures have never been updated you will see an age of 65535 days |
Antispyware Signature age in days - if signatures have never been updated you will see an age of 65535 days |
14 | Antispyware Last updated local time. If this has never updated you will see a null value in this property |
Antispyware Last updated local time. If this has never updated you will see a null value in this property |
15 | The Antivirus Signature version (major, minor, build, revision) |
The Antivirus Signature version (major, minor, build, revision) |
16 | Antivirus Signature age in days- if signatures have never been updated you will see an age of 65535 days |
Antivirus Signature age in days- if signatures have never been updated you will see an age of 65535 days |
17 | Antivirus Last updated local time - If this has never updated you will see a null value in this property |
Antivirus Last updated local time - If this has never updated you will see a null value in this property |
18 | The NRI Signature version (major, minor, build, revision) |
The NRI Signature version (major, minor, build, revision) |
19 | NRI Signature age in days- if signatures have never been updated you will see an age of 65535 days |
NRI Signature age in days- if signatures have never been updated you will see an age of 65535 days |
20 | NRI Last updated local time - If this has never updated you will see a null value in this property |
NRI Last updated local time - If this has never updated you will see a null value in this property |
21 | Time of last Full Scan start - If this has never updated you will see a null value in this property |
Time of last Full Scan start - If this has never updated you will see a null value in this property |
22 | Time of last Full Scan end - If this has never updated you will see a null value in this property |
Time of last Full Scan end - If this has never updated you will see a null value in this property |
23 | Last full scan age in days- if signatures have never been updated you will see an age of 65535 days |
Last full scan age in days- if signatures have never been updated you will see an age of 65535 days |
24 | Last scan source |
Last scan source |
25 | Unknown |
Unknown |
26 | User |
User |
27 | System |
System |
28 | Real-time |
Real-time |
29 | IOAV |
IOAV |
30 | Real-time scan direction enumeration |
Real-time scan direction enumeration |
31 | Both |
Both |
32 | Incoming |
Incoming |
33 | Outcoming |
Outcoming |
34 | Time of last Quick Scan start - If this has never updated you will see a null value in this property |
Time of last Quick Scan start - If this has never updated you will see a null value in this property |
35 | Time of last Quick Scan end - If this has never updated you will see a null value in this property |
Time of last Quick Scan end - If this has never updated you will see a null value in this property |
36 | Last quick scan age in days- if signatures have never been updated you will see an age of 65535 days. |
Last quick scan age in days- if signatures have never been updated you will see an age of 65535 days. |
37 | The AM Engine version (major, minor, build, revision) |
The AM Engine version (major, minor, build, revision) |
38 | If the AM Engine is enabled |
If the AM Engine is enabled |
39 | Specifies whether the computer is monitoring file and program activity on your computer |
Specifies whether the computer is monitoring file and program activity on your computer |
40 | Scan all downloaded files and attachments |
Scan all downloaded files and attachments |
41 | Specifies whether behavior monitoring is enabled |
Specifies whether behavior monitoring is enabled |
42 | Specifies whether Antivirus protection is enabled |
Specifies whether Antivirus protection is enabled |
43 | Specifies whether Antispyware protection is enabled |
Specifies whether Antispyware protection is enabled |
44 | Specifies whether real-time protection is enabled |
Specifies whether real-time protection is enabled |
45 | NRI Engine version (major, minor, build, revision) |
NRI Engine version (major, minor, build, revision) |
46 | If the NRI Engine is enabled |
If the NRI Engine is enabled |
47 | The Schema Version |
The Schema Version |
48 | Unique Detection ID |
Unique Detection ID |
49 | The name of the threat |
The name of the threat |
50 | Severity ID - Enumeration |
Severity ID - Enumeration |
51 | Low |
Low |
52 | Moderate |
Moderate |
53 | High |
High |
54 | Severe |
Severe |
55 | Category ID - Enumeration |
Category ID - Enumeration |
56 | INVALID |
INVALID |
57 | ADWARE |
ADWARE |
58 | SPYWARE |
SPYWARE |
59 | PASSWORDSTEALER |
PASSWORDSTEALER |
60 | TROJANDOWNLOADER |
TROJANDOWNLOADER |
61 | WORM |
WORM |
62 | BACKDOOR |
BACKDOOR |
63 | REMOTEACCESSTROJAN |
REMOTEACCESSTROJAN |
64 | TROJAN |
TROJAN |
65 | EMAILFLOODER |
EMAILFLOODER |
66 | KEYLOGGER |
KEYLOGGER |
67 | DIALER |
DIALER |
68 | MONITORINGSOFTWARE |
MONITORINGSOFTWARE |
69 | BROWSERMODIFIER |
BROWSERMODIFIER |
70 | COOKIE |
COOKIE |
71 | BROWSERPLUGIN |
BROWSERPLUGIN |
72 | AOLEXPLOIT |
AOLEXPLOIT |
73 | NUKER |
NUKER |
74 | SECURITYDISABLER |
SECURITYDISABLER |
75 | JOKEPROGRAM |
JOKEPROGRAM |
76 | HOSTILEACTIVEXCONTROL |
HOSTILEACTIVEXCONTROL |
77 | SOFTWAREBUNDLER |
SOFTWAREBUNDLER |
78 | STEALTHNOTIFIER |
STEALTHNOTIFIER |
79 | SETTINGSMODIFIER |
SETTINGSMODIFIER |
80 | TOOLBAR |
TOOLBAR |
81 | REMOTECONTROLSOFTWARE |
REMOTECONTROLSOFTWARE |
82 | TROJANFTP |
TROJANFTP |
83 | POTENTIALUNWANTEDSOFTWARE |
POTENTIALUNWANTEDSOFTWARE |
84 | ICQEXPLOIT |
ICQEXPLOIT |
85 | TROJANTELNET |
TROJANTELNET |
86 | FILESHARINGPROGRAM |
FILESHARINGPROGRAM |
87 | MALWARE_CREATION_TOOL |
MALWARE_CREATION_TOOL |
88 | REMOTE_CONTROL_SOFTWARE |
REMOTE_CONTROL_SOFTWARE |
89 | TOOL |
TOOL |
90 | TROJAN_DENIALOFSERVICE |
TROJAN_DENIALOFSERVICE |
91 | TROJAN_DROPPER |
TROJAN_DROPPER |
92 | TROJAN_MASSMAILER |
TROJAN_MASSMAILER |
93 | TROJAN_MONITORINGSOFTWARE |
TROJAN_MONITORINGSOFTWARE |
94 | TROJAN_PROXYSERVER |
TROJAN_PROXYSERVER |
95 | VIRUS |
VIRUS |
96 | KNOWN |
KNOWN |
97 | UNKNOWN |
UNKNOWN |
98 | SPP |
SPP |
99 | BEHAVIOR |
BEHAVIOR |
100 | VULNERABILTIY |
VULNERABILTIY |
101 | POLICY |
POLICY |
102 | Type ID - Enumeration |
Type ID - Enumeration |
103 | Known Bad |
Known Bad |
104 | Behavior |
Behavior |
105 | Known Good |
Known Good |
106 | NRI |
NRI |
107 | Threat Rollup Status |
Threat Rollup Status |
108 | ThreatClean |
ThreatClean |
109 | RebootRequired |
RebootRequired |
110 | OfflineScanRequired |
OfflineScanRequired |
111 | ManualStepsRequired |
ManualStepsRequired |
112 | FullScanRequired |
FullScanRequired |
113 | ReinfectionLoop |
ReinfectionLoop |
114 | Executed |
Executed |
115 | List of resources affected by the threat |
List of resources affected by the threat |
116 | Specifies if threat has executed |
Specifies if threat has executed |
117 | Specifies if the threat is active |
Specifies if the threat is active |
118 | This is a singleton that represents the Microsoft Antimalware service infection status |
This is a singleton that represents the Microsoft Antimalware service infection status |
119 | This class represents the catalog of recognized threats |
This class represents the catalog of recognized threats |
120 | Unique Threat ID |
Unique Threat ID |
121 | The name of the process involved |
The name of the process involved |
122 | The user who requested remediation |
The user who requested remediation |
123 | Detection Source Type ID - Enumeration |
Detection Source Type ID - Enumeration |
124 | ELAM |
ELAM |
125 | LocalAttestation |
LocalAttestation |
126 | RemoteAttestation |
RemoteAttestation |
127 | List of resources affected by the detection |
List of resources affected by the detection |
128 | The initial threat detection time |
The initial threat detection time |
129 | The most recent time of the threat status change |
The most recent time of the threat status change |
130 | The time of the remediation. |
The time of the remediation. |
131 | Execution Status ID - Enumeration |
Execution Status ID - Enumeration |
132 | Blocked |
Blocked |
133 | Allowed |
Allowed |
134 | Executing |
Executing |
135 | NotExecuting |
NotExecuting |
136 | The Threat Status ID - Enumeration |
The Threat Status ID - Enumeration |
137 | Detected |
Detected |
138 | Cleaned |
Cleaned |
139 | Quarantined |
Quarantined |
140 | Removed |
Removed |
141 | CleanFailed |
CleanFailed |
142 | QuarantineFailed |
QuarantineFailed |
143 | RemoveFailed |
RemoveFailed |
144 | AllowFailed |
AllowFailed |
145 | Abandoned |
Abandoned |
146 | BlockedFailed |
BlockedFailed |
147 | The threat status error code |
The threat status error code |
148 | The cleaning action - Enumeration |
The cleaning action - Enumeration |
149 | Clean |
Clean |
150 | Quarantine |
Quarantine |
151 | Remove |
Remove |
152 | Allow |
Allow |
153 | UserDefined |
UserDefined |
154 | NoAction |
NoAction |
155 | Block |
Block |
156 | Specifies if the cleaning action was successful |
Specifies if the cleaning action was successful |
157 | Additional actions required to complete remediation - Enumeration |
Additional actions required to complete remediation - Enumeration |
158 | None |
None |
159 | FullScanAndRebootRequired |
FullScanAndRebootRequired |
160 | FullScanAndManualStepsRequired |
FullScanAndManualStepsRequired |
161 | RebootAndManualStepsRequired |
RebootAndManualStepsRequired |
162 | FullScanAndRebootAndManualStepsRequired |
FullScanAndRebootAndManualStepsRequired |
163 | FullScanAndOfflineScanRequired |
FullScanAndOfflineScanRequired |
164 | RebootAndOfflineScanRequired |
RebootAndOfflineScanRequired |
165 | FullScanAndRebootAndOfflineScanRequired |
FullScanAndRebootAndOfflineScanRequired |
166 | ManualStepsAndOfflineScanRequired |
ManualStepsAndOfflineScanRequired |
167 | FullScanAndManualStepsAndOfflineScanRequired |
FullScanAndManualStepsAndOfflineScanRequired |
168 | RebootAndManualStepsAndOfflineScanRequired |
RebootAndManualStepsAndOfflineScanRequired |
169 | FullScanAndRebootAndManualStepsAndOfflineScanRequired |
FullScanAndRebootAndManualStepsAndOfflineScanRequired |
170 | This is a class that represents the current detailed state of a threat |
This is a class that represents the current detailed state of a threat |
171 | Allows an administrator to specify if Automatic Exclusions feature for Server SKUs should be turned off. |
Allows an administrator to specify if Automatic Exclusions feature for Server SKUs should be turned off. |
172 | Allows an administrator to explicitly disable a scan from checking any of the paths listed. |
Allows an administrator to explicitly disable a scan from checking any of the paths listed. |
173 | Allows an administrator to explicitly disable a scan from checking any of the extensions listed. |
Allows an administrator to explicitly disable a scan from checking any of the extensions listed. |
174 | Allows an administrator to explicitly disable a scan from checking any of the processes listed. |
Allows an administrator to explicitly disable a scan from checking any of the processes listed. |
175 | Indicates how many days items should kept in Quarantine folder before being removed. |
Indicates how many days items should kept in Quarantine folder before being removed. |
176 | Real-time scan direction - Enumeration |
Real-time scan direction - Enumeration |
177 | Indicates what day of the week to perform the scheduled full scan to complete remediation. |
Indicates what day of the week to perform the scheduled full scan to complete remediation. |
178 | Every Day |
Every Day |
179 | Sunday |
Sunday |
180 | Monday |
Monday |
181 | Tuesday |
Tuesday |
182 | Wednesday |
Wednesday |
183 | Thursday |
Thursday |
184 | Friday |
Friday |
185 | Saturday |
Saturday |
186 | Never |
Never |
187 | Indicates what time to perform the scheduled full scan to complete remediation. |
Indicates what time to perform the scheduled full scan to complete remediation. |
188 | Configure timeout for detections requiring additional action. |
Configure timeout for detections requiring additional action. |
189 | Time in minutes for a detection in the 'critically failed' state to move to either 'additional action' or 'cleared' state. |
Time in minutes for a detection in the 'critically failed' state to move to either 'additional action' or 'cleared' state. |
190 | Time in minutes for a detection in the 'failed' state to move to the 'cleared' state. |
Time in minutes for a detection in the 'failed' state to move to the 'cleared' state. |
191 | Specify the maximum percentage of CPU utilization during a scan. This policy setting allows you to configure the maximum percentage CPU utilization permitted during a scan. Valid values for this setting are a percentage represented by the integers 5 to 100. A value of 0 indicates that there should be no throttling of CPU utilization. |
Specify the maximum percentage of CPU utilization during a scan. This policy setting allows you to configure the maximum percentage CPU utilization permitted during a scan. Valid values for this setting are a percentage represented by the integers 5 to 100. A value of 0 indicates that there should be no throttling of CPU utilization. |
192 | When set, Windows Defender Antivirus will check for new signatures before running a scan. If new signatures are found they will be downloaded and installed before the scan begins. If no new signatures are found, the scan will start based on the existing signatures. |
When set, Windows Defender Antivirus will check for new signatures before running a scan. If new signatures are found they will be downloaded and installed before the scan begins. If no new signatures are found, the scan will start based on the existing signatures. |
193 | Turn on removal of items from scan history folder. This setting defines the number of days items should be kept in the scan history folder before being permanently removed. The value represents the number of days to keep items in the folder. If set to zero, items will be kept forever and will not be automatically removed. |
Turn on removal of items from scan history folder. This setting defines the number of days items should be kept in the scan history folder before being permanently removed. The value represents the number of days to keep items in the folder. If set to zero, items will be kept forever and will not be automatically removed. |
194 | Run scheduled scans only if system is idle. |
Run scheduled scans only if system is idle. |
195 | Specify the scan type to use for a scheduled scan. |
Specify the scan type to use for a scheduled scan. |
196 | Quick Scan |
Quick Scan |
197 | Full Scan |
Full Scan |
198 | Specify the day of the week to run a scheduled scan. |
Specify the day of the week to run a scheduled scan. |
199 | Specify the time of day to run a scheduled quick scan. |
Specify the time of day to run a scheduled quick scan. |
200 | Specify the time of day to run a scheduled scan. |
Specify the time of day to run a scheduled scan. |
201 | Aborts any service-initiated update immediately after first install by the configured amount of time. |
Aborts any service-initiated update immediately after first install by the configured amount of time. |
202 | Overrides CheckForSignatureBeforeRunningScan. Aborts any service-initiated update if signature was updated successfully within this amount of time. Time in minutes. |
Overrides CheckForSignatureBeforeRunningScan. Aborts any service-initiated update if signature was updated successfully within this amount of time. Time in minutes. |
203 | Defines the file shares for downloading definition updates. setting allows you to configure UNC file share sources for downloading definition updates. Sources will be contacted in the order specified. The value of this setting should be entered as a pipe-separated string enumerating the definition update sources. For example: {\unc1 | \unc2 }. The list is empty by default. |
Defines the file shares for downloading definition updates. setting allows you to configure UNC file share sources for downloading definition updates. Sources will be contacted in the order specified. The value of this setting should be entered as a pipe-separated string enumerating the definition update sources. For example: {\unc1 | \unc2 }. The list is empty by default. |
204 | When set to true, AM Service will not initiate definition update on start-up, regardless of whether an Engine is present or not. |
When set to true, AM Service will not initiate definition update on start-up, regardless of whether an Engine is present or not. |
205 | Define the order of sources for downloading definition updates. This setting allows you to define the order in which different definition update sources should be contacted. The value of this setting should be entered as a pipe-separated string enumerating the definition update sources in order. Possible values are: 'InternalDefinitionUpdateServer' 'MicrosoftUpdateServer' 'MMPC' 'FileShares' |
Define the order of sources for downloading definition updates. This setting allows you to define the order in which different definition update sources should be contacted. The value of this setting should be entered as a pipe-separated string enumerating the definition update sources in order. Possible values are: 'InternalDefinitionUpdateServer' 'MicrosoftUpdateServer' 'MMPC' 'FileShares' |
206 | Indicates the day of the week in which signature updates occur. If set to zero (0x0) then signature update occurs daily. |
Indicates the day of the week in which signature updates occur. If set to zero (0x0) then signature update occurs daily. |
207 | Specifies the time at which signature update check happens. By default the signatures are checked before the scheduled scan. |
Specifies the time at which signature update check happens. By default the signatures are checked before the scheduled scan. |
208 | Defines the number of days after which a catch-up signature is warranted. Works with SignatureUpdateLastChecked. 0 = no catch-up; 1 = 1 day; 2 = 2 days, etc. |
Defines the number of days after which a catch-up signature is warranted. Works with SignatureUpdateLastChecked. 0 = no catch-up; 1 = 1 day; 2 = 2 days, etc. |
209 | The time value is represented as the number of hours between update checks. Valid values range from 1 (every hour) to 24 (once per day). |
The time value is represented as the number of hours between update checks. Valid values range from 1 (every hour) to 24 (once per day). |
210 | Join Microsoft MAPS. |
Join Microsoft MAPS. |
211 | Disabled |
Disabled |
212 | Basic |
Basic |
213 | Advanced |
Advanced |
214 | Consent for sample submission. |
Consent for sample submission. |
215 | Always |
Always |
216 | Disable the privacy mode. |
Disable the privacy mode. |
217 | This setting allows you to enable or disable randomization of the scheduled scan start time and the scheduled definition update start time. This setting is used to distribute the resource impact of scanning. For example, it could be used in guest virtual machines sharing a host, to prevent multiple guest virtual machines from undertaking a disk-intensive operation at the same time. |
This setting allows you to enable or disable randomization of the scheduled scan start time and the scheduled definition update start time. This setting is used to distribute the resource impact of scanning. For example, it could be used in guest virtual machines sharing a host, to prevent multiple guest virtual machines from undertaking a disk-intensive operation at the same time. |
218 | Disable behavior monitoring. |
Disable behavior monitoring. |
219 | Disable intrusion prevention system. |
Disable intrusion prevention system. |
220 | Disable IOAV protection. |
Disable IOAV protection. |
221 | Disable real-time monitoring. |
Disable real-time monitoring. |
222 | Disable script scanning. |
Disable script scanning. |
223 | Disable archive scanning. |
Disable archive scanning. |
224 | Disable catch-up full scan. A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. Usually these scheduled scans are missed because the computer was turned off at the scheduled time. |
Disable catch-up full scan. A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. Usually these scheduled scans are missed because the computer was turned off at the scheduled time. |
225 | Disable catch-up quick scan. A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. Usually these scheduled scans are missed because the computer was turned off at the scheduled time. |
Disable catch-up quick scan. A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. Usually these scheduled scans are missed because the computer was turned off at the scheduled time. |
226 | Disable email scanning. |
Disable email scanning. |
227 | Disable removable drive scanning. |
Disable removable drive scanning. |
228 | Disables restore point. |
Disables restore point. |
229 | Disable running full scan on mapped network drives. |
Disable running full scan on mapped network drives. |
230 | Disables scanning network files. |
Disables scanning network files. |
231 | Enable UI Lockdown mode. |
Enable UI Lockdown mode. |
232 | The Ids of threats upon which default action should not be taken when detected. The actions in ThreatIDDefaultAction_Actions need to be specified in the same order as the Ids in ThreatIDDefaultAction_Ids |
The Ids of threats upon which default action should not be taken when detected. The actions in ThreatIDDefaultAction_Actions need to be specified in the same order as the Ids in ThreatIDDefaultAction_Ids |
233 | Default actions for threats upon which default action should not be taken when detected. The actions need to be in the same order as their respective Ids specified in the ThreatIDDefaultAction_Ids property. |
Default actions for threats upon which default action should not be taken when detected. The actions need to be in the same order as their respective Ids specified in the ThreatIDDefaultAction_Ids property. |
234 | Default action for unknown threats. |
Default action for unknown threats. |
235 | Default action for low severity threats. |
Default action for low severity threats. |
236 | Default action for moderate severity threats. |
Default action for moderate severity threats. |
237 | Default action for high severity threats. |
Default action for high severity threats. |
238 | Default action for severe severity threats. |
Default action for severe severity threats. |
239 | Specify PUA(Potentially Unwanted Application) protection mode. |
Specify PUA(Potentially Unwanted Application) protection mode. |
240 | Enabled |
Enabled |
241 | AuditMode |
AuditMode |
242 | Disable block at first seen. |
Disable block at first seen. |
243 | Define the order of sources for downloading definition updates This setting allows you to define the order in which different definition update sources should be contacted. The value of this setting should be entered as a pipe-separated string enumerating the definition update sources in order. Possible values are: 'InternalDefinitionUpdateServer' 'MicrosoftUpdateServer' 'MMPC' 'FileShares' |
Define the order of sources for downloading definition updates This setting allows you to define the order in which different definition update sources should be contacted. The value of this setting should be entered as a pipe-separated string enumerating the definition update sources in order. Possible values are: 'InternalDefinitionUpdateServer' 'MicrosoftUpdateServer' 'MMPC' 'FileShares' |
244 | Indicates the day of the week in which signature updates occur. If set to zero then signature update occurs daily. |
Indicates the day of the week in which signature updates occur. If set to zero then signature update occurs daily. |
245 | Defines the number of days after which a catch-up signature is warranted. Works with SignatureUpdateLastChecked. 0 = no catch-up, 1 = 1 day, 2 = 2 days, etc. |
Defines the number of days after which a catch-up signature is warranted. Works with SignatureUpdateLastChecked. 0 = no catch-up, 1 = 1 day, 2 = 2 days, etc. |
246 | Disable privacy mode. |
Disable privacy mode. |
247 | A user confirmation is sought by default by this cmdlet. If -Force is specified, the default confirmation is not sought from the user. |
A user confirmation is sought by default by this cmdlet. If -Force is specified, the default confirmation is not sought from the user. |
248 | 1.0 |
1.0 |
249 | Windows Defender Antivirus Preferences Class |
Windows Defender Antivirus Preferences Class |
250 | The Windows Defender Antivirus Scan Class |
The Windows Defender Antivirus Scan Class |
251 | The Windows Defender Antivirus Signature Class |
The Windows Defender Antivirus Signature Class |
252 | Category of Notification. |
Category of Notification. |
253 | ScanStateNotifications |
ScanStateNotifications |
254 | ThreatStateNotifications |
ThreatStateNotifications |
255 | SignatureStateNotifications |
SignatureStateNotifications |
256 | ComputerStateNotifications |
ComputerStateNotifications |
257 | Detailed Scan Notifications. |
Detailed Scan Notifications. |
258 | ErrorOccurred |
ErrorOccurred |
259 | ScanCompleted |
ScanCompleted |
260 | Detailed Threat Notifications. |
Detailed Threat Notifications. |
261 | SuccessfulRemediation |
SuccessfulRemediation |
262 | NonCriticalFailure |
NonCriticalFailure |
263 | Detailed Signature Notifications. |
Detailed Signature Notifications. |
264 | SignaturesOutOfDate |
SignaturesOutOfDate |
265 | Detailed Computer Notifications. |
Detailed Computer Notifications. |
266 | ScansOutOfDate |
ScansOutOfDate |
267 | ComponentsChanged |
ComponentsChanged |
268 | StateRecovered |
StateRecovered |
269 | Date and time the WMI Event was generated |
Date and time the WMI Event was generated |
270 | Additional Data. At the moment, the only use is when the CategoryDiscriminant is equal to ThreatStateNotificationsthen this value will contains the ThreatID |
Additional Data. At the moment, the only use is when the CategoryDiscriminant is equal to ThreatStateNotificationsthen this value will contains the ThreatID |
271 | Windows Defender Antivirus Event Indication Class |
Windows Defender Antivirus Event Indication Class |
272 | The Windows Defender Antivirus WDO Scan Class |
The Windows Defender Antivirus WDO Scan Class |
273 | The Windows Defender Antivirus Heart Beat Class |
The Windows Defender Antivirus Heart Beat Class |
500 | %1!s! is scanning your device |
%1!s! is scanning your device |
501 | This might take some time, depending on the type of scan selected. |
This might take some time, depending on the type of scan selected. |
502 | Scan was completed successfully. |
Scan was completed successfully. |
503 | Errors were encountered when attempted to scan your device. |
Errors were encountered when attempted to scan your device. |
504 | Custom Scan |
Custom Scan |
508 | %1!s! %2!s! |
%1!s! %2!s! |
510 | Updating virus and spyware definitions |
Updating virus and spyware definitions |
511 | %1!s! updates your virus and spyware definitions automatically to help protect your device. |
%1!s! updates your virus and spyware definitions automatically to help protect your device. |
512 | Virus and spyware definitions update was completed successfully. |
Virus and spyware definitions update was completed successfully. |
513 | Virus and spyware definitions update was completed with errors. |
Virus and spyware definitions update was completed with errors. |
514 | Virus and spyware definitions |
Virus and spyware definitions |
515 | Operation failed with the following error: 0x%1!x! |
Operation failed with the following error: 0x%1!x! |
516 | ScanPath parameter is required when running a custom scan. |
ScanPath parameter is required when running a custom scan. |
517 | A scan is already in progress on this device. |
A scan is already in progress on this device. |
518 | Virus and spyware definitions update is already in progress on this device. |
Virus and spyware definitions update is already in progress on this device. |
519 | Items detected as potentially harmful are already being cleaned. |
Items detected as potentially harmful are already being cleaned. |
520 | There are currently no active detected items on your device to clean. |
There are currently no active detected items on your device to clean. |
521 | Errors were encountered while attempted to clean items detected as potentially harmful. |
Errors were encountered while attempted to clean items detected as potentially harmful. |
522 | A ThreatIDDefaultAction_Actions value should be specified for each ThreatIDDefaultAction_Ids parameter. |
A ThreatIDDefaultAction_Actions value should be specified for each ThreatIDDefaultAction_Ids parameter. |
523 | Failed to get default action for threat id. Error: 0x%1!x! |
Failed to get default action for threat id. Error: 0x%1!x! |
524 | Operation failed with the following error: 0x%1!x!. Operation: %2!s!. Target: %3!s!. |
Operation failed with the following error: 0x%1!x!. Operation: %2!s!. Target: %3!s!. |
525 | You don't have enough permissions to perform the requested operation. |
You don't have enough permissions to perform the requested operation. |
526 | Errors were encountered when attempted to run WDO scan on your device. |
Errors were encountered when attempted to run WDO scan on your device. |
0x1388 | There was an error %1 in the %2 WMI provider instance retrieval methods.%0 |
There was an error %1 in the %2 WMI provider instance retrieval methods.%0 |
0x1389 | There was an error %1 in the %2 WMI provider static method.%0 |
There was an error %1 in the %2 WMI provider static method.%0 |
0x138A | There was an error %1 in the %2 WMI provider FireEvent method.%0 |
There was an error %1 in the %2 WMI provider FireEvent method.%0 |
0x138B | There was an error %1 when attempted to register for %2 WMI provider notifications from all the active computer sessions. Only notifications from the current session will be received.%0 |
There was an error %1 when attempted to register for %2 WMI provider notifications from all the active computer sessions. Only notifications from the current session will be received.%0 |
0x138C | There was an error %1 when attempted to create event monitoring thread for %2 WMI provider.%0 |
There was an error %1 when attempted to create event monitoring thread for %2 WMI provider.%0 |
0x138E | There was an error %1 when attempted to register %2 WMI provider for monitoring antimalware notifications.%0 |
There was an error %1 when attempted to register %2 WMI provider for monitoring antimalware notifications.%0 |