
I'm trying to parse an IIS log file using LogParser 2.2, however I'm having a problem when it comes to the user agent because it sees the spaces in the following user agent and thinks it's a new field...

"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.121 Safari/535.2"

And it doesn't care about the "" around the string. Anyone know of any way to make it treat anything in between the "" as one field?

thanks,

P.S. This is from a log generated by the IIS Advanced Logging module.

electricsheep

1 Answer


That's because the W3C standard does not include using whitespace. What will happen is Log Parser will see the whitespace and assume it's a new field, with or without the quotes. From the following page:

"Entries consist of a sequence of fields relating to a single HTTP transaction. Fields are separated by whitespace, the use of tab characters for this purpose is encouraged. If a field is unused in a particular entry dash "-" marks the omitted field. Directives record information about the logging process itself."

http://www.w3.org/TR/WD-logfile.html

Robert McMurray writes a blog about how to write a COM plug-in, which, in my research trying to solve the very same issue, seems to be the best solution (short of writing a regex that replaces all whitespace inside "" with a "+"):

http://blogs.iis.net/robert_mcmurray/archive/2013/02/28/advanced-log-parser-part-7-creating-a-generic-input-format-plug-in.aspx

Hope this helps

Edit: I've determined that there is a way to do this. See the following example using an X-Header-For field I've manually added to IIS Advanced Logging; the important bits are bold.

LogParser.exe "SELECT SUBSTR(X-Header-For, 0, INDEX_OF(X-Header-For, ',')) as [Remote Ip], date, time, cs-uri-stem, s-contentpath, sc-status FROM $log" -i:W3C -dQuotes:ON

jidar
  • Given the quote from the standard, isn't this just a bug with the IIS Advanced Logging module? Use tabs between the fields and everything is OK? – CodeBuddy Aug 04 '16 at 13:58
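
The kind of quote-aware field splitting discussed in the answer, next to the regex workaround it mentions (whitespace inside "" replaced with "+"), as an added Python example that is not part of the original posts and is not LogParser's own code. The sample log lines, the field list and all function names are constructed for illustration.

```python
import re

# Constructed sample shaped like an IIS Advanced Logging W3C file (not from the post).
SAMPLE_LOG = '''#Software: IIS Advanced Logging Module
#Fields: date time cs-uri-stem sc-status cs(User-Agent) X-Header-For
2011-12-01 10:15:02 /default.aspx 200 "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.121 Safari/535.2" "203.0.113.7, 10.0.0.5"
2011-12-01 10:15:09 /missing.gif 404 - -
'''

# A token is either a double-quoted run (may contain spaces) or a run of non-whitespace.
TOKEN = re.compile(r'"([^"]*)"|(\S+)')

def split_fields(line):
    """Split an entry on whitespace, keeping each double-quoted value as one field."""
    return [m.group(2) if m.group(1) is None else m.group(1)
            for m in TOKEN.finditer(line)]

def plus_encode_quoted(line):
    """Regex workaround: whitespace inside quotes becomes '+', the quotes are dropped,
    and an empty quoted value becomes '-' so the field count is preserved."""
    return re.sub(r'"([^"]*)"',
                  lambda m: re.sub(r'\s', '+', m.group(1)) or '-', line)

def parse(text):
    """Yield one dict per entry, named by the most recent #Fields directive."""
    names = []
    for line in text.splitlines():
        if line.startswith('#Fields:'):
            names = line[len('#Fields:'):].split()
        elif line and not line.startswith('#'):
            values = split_fields(line)
            if len(values) != len(names):
                raise ValueError(f'expected {len(names)} fields, got {len(values)}: {line!r}')
            yield dict(zip(names, values))

def remote_ip(x_header_for):
    """First address of a comma-separated value, like the SUBSTR/INDEX_OF query;
    a value without a comma is returned whole."""
    return x_header_for.split(',', 1)[0].strip()

if __name__ == '__main__':
    for row in parse(SAMPLE_LOG):
        print(remote_ip(row['X-Header-For']), row['sc-status'], row['cs(User-Agent)'])
```
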