Event IDs for Range 1000 to 1199
| Event ID | Event Source | Event Type | ePO 5.x Threat Category | ePO 5.xAction Taken | McLogEvent | Severity | Description |
| 924 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, AV PUP | none, access denied |
259
| Error | The file %FILENAME% contains %VIRUSNAME% %VIRUSTYPE%. Detected with Scan Engine %ENGINEVERSION% DAT version %DATVERSION%. |
| 925 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV detect, AV PUP | Cleaned | 258 | Warning | The file %FILENAME% contained %VIRUSNAME% %VIRUSTYPE%. The file was successfully cleaned with Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1026 | ODS, OAS, Outlook ScanDomino Scan | SEVERITY_CRITICAL | AV detect, AV PUP | none, access denied | 259 | Error | The file %FILENAME% contains %VIRUSNAME% %VIRUSTYPE%. Unable to clean the file using the current Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1027 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV detect, AV PUP | Deleted | 258 | Warning | The file %FILENAME% contains %VIRUSNAME% %VIRUSTYPE%. The file was successfully deleted. |
| 1028 | ODS, OAS | SEVERITY_MINOR | AV detect, AV PUP | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Will be deleted after the next reboot. |
| 1032 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV detect, AV PUP | Moved | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. The detection was moved to quarantine area. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1034 | ODS | SEVERITY_INFORMATIONAL | ops.task.end | None | 257 | Information | The scan completed. No detections were found. Scan engine version used is %ENGINEVERSION% DAT version %DATVERSION%. |
| 1035 | ODS | SEVERITY_INFORMATIONAL | ops.task.cancel | None | 257 | Information | The scan was cancelled at time %GMTTIME%. |
| 1037 | ODS, OAS | SEVERITY_CRITICAL | AV detect, AV PUP | none, access denied | 259 | Error | The scan found a boot record infected with %VIRUSNAME% %VIRUSTYPE%. Detected using Scan Engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1038 | ODS | SEVERITY_CRITICAL | ops.task.end | None | 259 | Error | The scan found detections. Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1039 | ODS | SEVERITY_MAJOR | ops.task.end | None | 259 | Error | The scan found and cleaned detections using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1051 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV | None | 257 | Information | The Scan was unable to scan password protected file %FILENAME%. Scan engine version used is %ENGINEVERSION% DAT version %DATVERSION%. |
| 1053 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV.detect.heuristics, av.pup | none, access denied | 259 | Error | The file %FILENAME% contains %VIRUSNAME% %VIRUSTYPE%. Detected with Heuristics, Scan Engine %ENGINEVERSION% DAT version %DATVERSION%. |
| 1054 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV.detect.heuristics, av.pup | Deleted | 258 | Warning | Heuristics has detected that file %FILENAME% contains %VIRUSNAME% %VIRUSTYPE%. The file was deleted. |
| 1055 | ODS, OAS | SEVERITY_MINOR | AV.detect.heuristics, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Will be deleted after the next reboot (could be a new virus). |
| 1056 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV.detect.heuristics, av.pup | Moved | 259 | Error | Heuristics has detected that file %FILENAME% contains %VIRUSNAME% %VIRUSTYPE%. The file was moved the file to the quarantine area. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1059 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV | None | 257 | Information | The scan of %FILENAME% has taken too long to complete and is being canceled. Scan engine version used is %ENGINEVERSION% DAT version %DATVERSION%. |
| 1060 | ODS, OAS | SEVERITY_MAJOR | AV detect, AV PUP | Cleaned | 257 | Information | The scan cleaned a boot record infected with the %VIRUSNAME% %VIRUSTYPE%. Detected using Scan Engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1061 | ODS, OAS | SEVERITY_CRITICAL | AV detect, AV PUP | None, Access Denied | 259 | Error | The scan encountered an error attempting to clean a boot record infected with %VIRUSNAME% %VIRUSTYPE%. Detected using Scan Engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1064 | OAS | SEVERITY_INFORMATIONAL | ops.service.start | None | 257 | Information | Service was started. |
| 1065 | OAS | SEVERITY_INFORMATIONAL | ops.service.end | None | 257 | Information | Service ended. |
| 1067 | ODS | SEVERITY_MINOR | ops.service.error | None | 258 | Warning | Task failed to start. |
| 1087 | OAS | SEVERITY_INFORMATIONAL | ops.service.start | None | 257 | Information | On-access Scan started at %GMTTIME%. Scan version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1088 | OAS | SEVERITY_INFORMATIONAL | ops.service.end | None | 257 | Information | On-access scan stopped. Scan version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1089 | Access Protection (OAS) | SEVERITY_MINOR | ops.service.error | None | 258 | Warning | An error occurred loading the Access Protection rule file (vscan.bof). The error was %INFO% |
| 1091 | OAS, Script Scan, Outlook Scan | SEVERITY_MAJOR | AV detect, AV PUP | Blocked | 258 | Warning | Script execution blocked (%INFO%). |
| 1092 | Access Protection (OAS) | SEVERITY_MINOR | ops.service.start | deny create, deny read, deny write, deny execute, deny delete, deny modify, deny terminate | 257 | Information | Blocked by access protection rule. Access to object %FILENAME% was blocked by rule %INFO%. |
| 1093 | Buffer Overflow (OAS) | SEVERITY_CRITICAL | hip.bo | Blocked | 258 | Warning | Blocked by Buffer Overflow Protection %INFO%. |
| 1094 | Access Protection (OAS) | SEVERITY_MINOR | fw.detect | Blocked | 257 | Information | Blocked by port blocking rule (%INFO%). |
| 1095 | Access Protection (OAS) | SEVERITY_MINOR | ops.service.start | would deny create, would deny read, would deny write, would deny execute, would deny delete, would deny modify, would deny terminate | 257 | Information | Would be blocked by access protection rule (rule is in warn-only mode) (%INFO%) |
| 1096 | Access Protection (OAS) | SEVERITY_MINOR | fw.detect | Would block | 258 | Warning | Would be blocked by port blocking rule (rule is in warn-only mode) (%INFO%). |
| 1099 | Buffer Overflow (OAS) | SEVERITY_CRITICAL | hip.bo | Would block | 257 | Information | Would be blocked by Buffer Overflow Protection (Buffer Overflow Protection is currently in warn mode) (%INFO%). |
| 1100 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV.detect.heuristics, av.pup | None, Access denied | 259 | Error | The file %FILENAME% contains %VIRUSNAME% %VIRUSTYPE%. Detected with Multiple Extension Heuristics. |
| 1101 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV.detect.heuristics, av.pup | Deleted | 258 | Warning | Multiple Extension Heuristics has detected that file %FILENAME% contains %VIRUSNAME% %VIRUSTYPE%. The file was deleted. |
| 1102 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV.detect.heuristics, av.pup | Moved | 259 | Error | Multiple Extension Heuristics has detected that file %FILENAME% contains %VIRUSNAME% %VIRUSTYPE%. The file was moved the file to the quarantine area. |
| 1103 | ODS, OAS | SEVERITY_MINOR | AV detect, AV PUP | None | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. No action taken. Please run McAfee VirusScan Command Line Scanner to remove this. |
| 1104 | ODS, OAS | SEVERITY_MINOR | AV.detect.heuristics, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Will be deleted after the next reboot (File has a multiple extension). |
| 1118 | McUpdate | SEVERITY_INFORMATIONAL | ops.update.end | None | 257 | Information | The update was successful. Scan version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1119 | McUpdate | SEVERITY_WARNING | ops.update.end | None | 258 | Warning | The update failed; see event log. |
| 1120 | McUpdate | SEVERITY_INFORMATIONAL | ops.update | None | 257 | Information | The update is running. |
| 1121 | McUpdate | SEVERITY_WARNING | ops.update.cancel | None | 257 | Information | The update was canceled. |
| 1129 | Task Manager | ops.task.cancel | New Cell | None | 257 | Information | The scan was canceled because Microsoft Windows is shutting down. |
Event IDs for Range 1200 to 1299
| Event ID | Event Source | Event Type | ePO 5.xThreat Category | ePO 5.xAction Taken | McLogEvent | Severity | Description |
| 1202 | ODS | SEVERITY_INFORMATIONAL | ops.task.start | None | 257 | Information | On-demand scan started. |
| 1203 | ODS | SEVERITY_INFORMATIONAL | ops.task.end | None | 257 | Information | On-demand scan complete. Detections %NUMVIRS%, Cleaned %NUMCLEANED%, Deleted %NUMDELETED%, Quarantined %NUMQUARANTINED%.Scan version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1270 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV detect, av.pup | Moved | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. No cleaner available, quarantined successfully. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1271 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV detect, heuristics, av.pup | Moved | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. No cleaner available, heuristic detection, quarantined successfully. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1272 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV detect, av.pup | Moved | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Undetermined clean error, quarantined successfully. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1273 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV detect, av.pup | Moved | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Clean error, Encrypted file, quarantined successfully. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1274 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. No cleaner available, quarantine failed. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1275 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, heuristics, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. No cleaner available, heuristic detection, quarantine failed. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1276 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Undetermined clean error, quarantine failed. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1277 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Clean error, Encrypted file, quarantine failed. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1278 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV detect, av.pup | Deleted | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. No cleaner available, file deleted successfully. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1279 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV detect, heuristics, av.pup | Deleted | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. No cleaner available, heuristic detection, deleted successfully. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1280 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV detect, av.pup | Deleted | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Undetermined clean error, deleted successfully. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1281 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV detect, av.pup | Deleted | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Clean error, Encrypted file, deleted successfully. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1282 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. No cleaner available, delete failed. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1283 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, heuristics, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Clean error, heuristic detection, delete failed. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1284 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Undetermined clean error, delete failed. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1285 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Clean error, Encrypted file, delete failed. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1289 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Clean error, Encrypted file, continued scanning (ODS). Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1290 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. No cleaner available, OAS denied access and continued. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1291 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, heuristics, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Clean error, heuristic detection, OAS denied access and continued. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1292 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Undetermined clean error, OAS denied access and continued. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1293 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | AV detect, av.pup | Deleted | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Quarantine failed, deleted successfully. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1294 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Quarantine failed, delete failed. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1296 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Move failed, denied access and continued (OAS). Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1297 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | New CellAV detect, av.pup | Moved | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Delete failed, quarantined. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1298 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Delete failed, quarantine failed. Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
Event IDs for Range 1300 to 1399
| Event ID | Event Source | Event Type | ePO 4.xThreat Category | ePO 4.xAction Taken | McLogEvent | Severity | Description |
| 1300 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Delete failed, denied access and continued (OAS). Detected using Scan engine version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1301 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV detect, heuristics, av.pup | Moved | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. No cleaner available, Multiple Extension Heuristic detection, quarantined successfully. |
| 1302 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV detect, heuristics, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. No cleaner available, Multiple Extension Heuristic detection, quarantine failed. |
| 1303 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV detect, heuristics, av.pup | Deleted | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. No cleaner available, Multiple Extension Heuristic detection, deleted successfully. |
| 1304 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV detect, heuristics, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Clean error, Multiple Extension Heuristic detection, delete failed. |
| 1305 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV detect, heuristics, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Clean error, Multiple Extension Heuristic detection, OAS denied access and continued. |
| 1306 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV detect, av.pup | Deleted | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Quarantine failed, deleted successfully. |
| 1307 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Quarantine failed, delete failed. |
| 1308 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV detect, heuristics, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Move failed, denied access and continued (OAS) |
| 1309 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV detect, av.pup | Moved | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Delete failed, quarantined. |
| 1310 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV detect, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Delete failed, quarantine failed. |
| 1311 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MINOR | AV detect, heuristics, av.pup | None, Access Denied | 259 | Error | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Delete failed, denied access and continued (OAS). |
| 1312 | ODS, OAS | SEVERITY_MINOR | AV detect, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Will be deleted after the next reboot (Move failed). |
| 1313 | ODS, OAS | SEVERITY_MINOR | AV detect, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Will be deleted after the next reboot (Move failed). |
| 1314 | ODS, OAS | SEVERITY_MINOR | AV detect, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Will be deleted after the next reboot (Clean failed because the file is encrypted). |
| 1315 | ODS, OAS | SEVERITY_MINOR | AV detect, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Will be deleted after the next reboot (Clean failed because the virus could be new). |
| 1316 | ODS, OAS | SEVERITY_MINOR | AV detect, heuristics, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Will be deleted after the next reboot (Clean failed, file has multiple extensions). |
| 1317 | ODS, OAS | SEVERITY_MINOR | AV detect, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Will be deleted after the next reboot (Clean failed because the detection isn't cleanable). |
| 1318 | ODS, OAS | SEVERITY_MINOR | AV detect, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Will be deleted after the next reboot (Clean failed). |
| 1319 | Outlook Scan | SEVERITY_MINOR | AV detect, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Email message has been deleted. |
| 1320 | Outlook Scan | SEVERITY_MINOR | AV detect, heuristics, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Email message deleted (could be a new virus). |
| 1321 | Outlook Scan | SEVERITY_MINOR | AV detect, heuristics, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Email message deleted (Attachment has a multiple extension). |
| 1322 | Outlook Scan | SEVERITY_MINOR | AV detect, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Email message deleted (Clean failed because the file isn't cleanable). |
| 1323 | Outlook Scan | SEVERITY_MINOR | AV detect, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Email message deleted (Clean failed because the file is encrypted). |
| 1324 | Outlook Scan | SEVERITY_MINOR | AV detect, heuristics, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Email message deleted (Clean failed because the virus could be new). |
| 1325 | Outlook Scan | SEVERITY_MINOR | AV detect, heuristics, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Email message deleted (Clean failed, file has a multiple extension). |
| 1326 | Outlook Scan | SEVERITY_MINOR | AV detect, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Email message deleted (Clean failed). |
| 1327 | Outlook Scan | SEVERITY_MINOR | AV detect, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Email message deleted (Move failed). |
| 1328 | Outlook Scan | SEVERITY_MINOR | AV detect, av.pup | Deleted | 257 | Information | The file %FILENAME% contains the %VIRUSNAME% %VIRUSTYPE%. Email message deleted (Move failed, file has a multiple extension). |
| 1329 | None | ops.task.error | none | Not Scanned | 259 | Error | Offline Virtual Image Scan of %VIRTUAL_IMAGE_NAME% failed due to a sharing violation |
| 1330 | OVI | ops.task.error | none | Not Scanned | 259 | Error | Offline Virtual Image Scan of %VIRTUAL_IMAGE_NAME% failed due to a removable drive conflict |
| 1331 | OVI | ops.task.error | none | Not Scanned | 259 | Error | Offline Virtual Image Scan of %VIRTUAL_IMAGE_NAME% failed due to a failure to virtualize the registry |
| 1332 | OVI | ops.task.error | none | Not Scanned | 259 | Error | Offline Virtual Image Scan of %VIRTUAL_IMAGE_NAME% failed, the image is in a suspended or running state |
| 1333 | OVI | ops.update.end | none | N/A | 257 | Information | Offline Virtual Image Scan successfully copied DATs (%DAT_VERSION%) to %VIRTUAL_IMAGE_NAME% |
| 1334 | OVI | ops.task.error | none | N/A | 259 | Error | Offline Virtual Image Scan failed to copy DATs to %VIRTUAL_IMAGE_NAME% |
| 1335 | OVI | ops.task.start | none | N/A | 257 | Information | Offline Virtual Image scan started. |
| 1336 | OVI | ops.task.end | none | N/A | 257 | Information | Offline Virtual Image scan complete. Detections %NUMVIRS%, Cleaned %NUMCLEANED%, Deleted %NUMDELETED%, Quarantined %NUMQUARANTINED%.Scan version %ENGINEVERSION% DAT version %DATVERSION%. |
| 1337 | OVI | ops.task.error | none | Not Scanned | 257 | Information | Offline Virtual Image scan failed due to a partition mount failure with %VIRTUAL_IMAGE_NAME% |
| 1338 | OVI | ops.task.error | none | Not Scanned | 257 | Information | Offline Virtual Image scan failed for %VIRTUAL_IMAGE_NAME% |
| 1339 | OVI | ops.task.error | none | Not Scanned | 257 | Information | Offline Virtual Image scan failed unable to load required library. Image: %VIRTUAL_IMAGE_NAME% |
| 1340 | VSAS | ops.service.error | none | N/A | 257 | Information | Connect to filer failed. |
| 1341 | VSAS | ops | none | N/A | 257 | Information | Connect to filer succeeded. |
| 1342 | OVI | ops.task.error | none | N/A | 257 | Information | Offline Virtual Image scan failed to connect to VM server due to bad IP address |
| 1343 | OVI | ops.task.error | none | N/A | 257 | Information | Offline Virtual Image scan failed to connect to VM server due to bad username or password |
| 1344 | OVI | ops.task.error | none | N/A | 257 | Information | Offline Virtual Image scan failed opening VM |
| 1345 | OVI | ops.task.error | none | N/A | 257 | Information | Offline Virtual Image scan failed to scan VM %1. Another XenServer VM scan is already in progress. |
| 1346 | OVI | ops.task.error | none | N/A | 257 | Information | Offline Virtual Image scan failed to scan VM %1. Citrix XenServer VM scans can only be run when VirusScan Enterprise for Offline Virtual Images is running on Windows XP. |
| 1347 | OVI | ops.task.error | none | N/A | 257 | Information | Offline Virtual Image disk access error while scanning VM %1. |
Event IDs for Range 4700 - 4799
| Event ID | Event Source | Event Type | ePO 4.x Threat Category | ePO 4.xAction Taken | McLogEvent | Severity | Description |
| 4700 | McUpdate | SEVERITY_MINOR | ops.service.error | None | 258 | Warning | Failed to connect to CMA updater. |
| 4702 | McUpdate | SEVERITY_MINOR | ops.service.error | None | 258 | Warning | Failed to save schedule data into CMA |
Event IDs for Range 21400 to 21499
| Event ID | Event Source | Event Type | ePO 5.xThreat Category | ePO 5.xAction Taken | McLogEvent | Severity | Description |
| 21400 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | av.pup | none, access denied | 259 | Error | %FILENAME% was detected using user defined detection settings |
| 21401 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | av.pup | none, access denied | 259 | Error | %FILENAME% was detected using user defined detection settings, clean failed. |
| 21402 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | av.pup | none, access denied | 259 | Error | %FILENAME% was detected using user defined detection settings,clean and move failed. |
| 21403 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | av.pup | Moved | 259 | Error | %FILENAME% was detected using user defined detection settings, moved to quarantine after clean failed. |
| 21404 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | av.pup | none, access denied | 259 | Error | %FILENAME% was detected using user defined detection settings, clean and delete failed. |
| 21405 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | av.pup | Deleted | 259 | Error | %FILENAME% was detected using user defined detection settings, deleted after clean failed. |
| 21406 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | av.pup | Moved | 259 | Error | %FILENAME% was detected using user defined detection settings, file moved to quarantine. |
| 21407 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | av.pup | none, access denied | 259 | Error | %FILENAME% was detected using user defined detection settings, move and delete failed. |
| 21408 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | av.pup | Deleted | 259 | Error | %FILENAME% was detected using user defined detection settings, deleted after move failed. |
| 21409 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | av.pup | none, access denied | 259 | Error | %FILENAME% was detected using user defined detection settings, unable to move to quarantine. |
| 21410 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | av.pup | Deleted | 259 | Error | %FILENAME% was detected using user defined detection settings, file deleted. |
| 21411 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | av.pup | none, access denied | 259 | Error | %FILENAME% was detected using user defined detection settings, delete and move failed.. |
| 21412 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_MAJOR | av.pup | Moved | 259 | Error | %FILENAME% was detected using user defined detection settings, moved to quarantine after delete failed.2 ODS, OAS, Outlook Scan, Domino Scan SEVERITY_MAJOR 259 Error %FILENAME% was detected using user defined detection settings, moved to quarantine after delete failed. |
| 21413 | ODS, OAS, Outlook Scan, Domino Scan | SEVERITY_CRITICAL | av.pup | none, access denied | 259 | Error | %FILENAME% was detected using user defined detection settings, unable to delete. |
| 21414 | ODS, OAS | SEVERITY_MINOR | av.pup | Deleted | 257 | Information | User defined detection : Will be deleted after the next reboot (Clean failed because the detection isn't cleanable) |
| 21415 | ODS, OAS | SEVERITY_MINOR | av.pup | Deleted | 257 | Information | User defined detection : Will be deleted after the next reboot |
| 21416 | ODS, OAS | SEVERITY_MINOR | av.pup | Deleted | 257 | Information | User defined detection : Will be deleted after the next reboot (Move Failed) |
| 21417 | Outlook Scan | SEVERITY_MINOR | av.pup | Deleted | 257 | Information | User defined detection : Email message deleted |
| 21418 | Outlook Scan | SEVERITY_MINOR | av.pup | Deleted | 257 | Information | User defined detection : Email message deleted (Clean failed) |
| 21419 | Outlook Scan | SEVERITY_MINOR | av.pup | Deleted | 257 | Information | User defined detection : Email message deleted (Move failed) |
| 21420 | Outlook Scan | SEVERITY_MINOR | av.pup | Deleted | 257 | Information | User defined detection : Email message deleted (Attachment delete failed)testy |
| Event ID | Event Source | Event Type | ePO 5.xThreat Category | ePO 5.xAction Taken | McLogEvent | Severity | Description |
| N/A | Task Manager | N/A | N/A | N/A | 1006 | Error | Task Manager : Service Error : %1 |
| N/A | Task Manager | N/A | N/A | N/A | 1007 | Error | Task Manager : Could not open registry keys |
| N/A | Task Manager | N/A | N/A | N/A | 1008 | Error | The McShield service terminated unexpectedly.%n Please review event 5019 or 5051 for details. The McShield service will be restarted in %1 seconds |
| N/A | OAS | N/A | N/A | N/A | 5000 | Information | %n Number of signatures in EXTRA.DAT : %3%n Names of threats that EXTRA.DAT can detect : %4 |
| N/A | None | N/A | N/A | N/A | 5001 | Warning | File Cache couldn't be created. |
| N/A | OAS | N/A | N/A | N/A | 5003 | Error | Event couldn't be created. |
| N/A | OAS | N/A | N/A | N/A | 5004 | Error | "Could not contact Filter Driver.%n Error = %1 : %2 |
| N/A | None | N/A | N/A | N/A | 5005 | Error | Could not create I/O Completion port. |
| N/A | None | N/A | N/A | N/A | 5008 | Error | Extra driver is faulty.%n%1 |
| N/A | None | N/A | N/A | N/A | 5010 | Error | A scanner could not be started. |
| N/A | OAS | N/A | N/A | N/A | 5011 | Error | Memory allocation failed. |
| N/A | OAS | N/A | N/A | N/A | 5019 | Error | Exception in McShield.Exe!%n Exception details follow :%1 |
| N/A | None | N/A | N/A | N/A | 5020 | Error | MCSCAN32.DLL is missing from the engine directory or is corrupted. |
| N/A | None | N/A | N/A | N/A | 5021 | Error | The version of MCSCAN32.DLL in the engine directory is incorrect. |
| N/A | OAS | N/A | N/A | N/A | 5022 | Error | MCSCAN32 Engine Initialization failed. Engine returned error : %1 |
| N/A | OAS | N/A | N/A | N/A | 5025 | Warning The alert queue has grown too big.%n Only the alert dialog and the report file will be used for logging virus alerts until existing alerts in the queue have been processed. | |
| N/A | OAS | N/A | N/A | N/A | 5026 | Information | Full logging has restarted. |
| N/A | OAS | N/A | N/A | N/A | 5028 | Warning | %3 McShield service received an invalid filename from the NaiFiltr device driver.%n Received name = %1%n Process = %2%n |
| N/A | None | N/A | N/A | N/A | 5030 | Error | NaiFiltr driver Register failed with error %1 |
| N/A | None | N/A | N/A | N/A | 5031 | Error | NaiFiltr driver Hook failed with error %1 |
| N/A | None | N/A | N/A | N/A | 5032 | Error | NaiFiltr driver Start failed with error %1 |
| N/A | None | N/A | N/A | N/A | 5033 | Error | NaiFiltr driver is newer than McShield.exe.%n Actual NaiFiltr version %1%n McShield.exe expected version %2.xx |
| N/A | None | N/A | N/A | N/A | 5034 | Error | NaiFiltr driver is older than McShield.exe.%n Actual NaiFiltr version %1%n McShield.exe expected version %2.xx |
| N/A | OAS | N/A | N/A | N/A | 5035 | Error | SSCntrl.sys is still running, this version of %1 uses NaiFiltr.sys.%n The SSCntrl.sys device has been uninstalled but a reboot is required to remove it from memory.%n The system must be rebooted before %1 will run.%n |
| N/A | OAS | N/A | N/A | N/A | 5036 | Warning | Citrix WinFrame specific features are not supported on WinFrame version 1.6.%n %1 will continue with WinFrame features disabled.%n Currently supported versions of Terminal Services are those on Windows NT4 SP4+ and Windows 2000.%n |
| N/A | OAS | N/A | N/A | N/A | 5037 | Warning | Unrecognized version of Microsoft Terminal Services detected.%n %1 will continue with Terminal Services features disabled.%n Currently supported versions of Terminal Services are those on Windows NT4 SP4+ and Windows 2000.%n |
| N/A | OAS | N/A | N/A | N/A | 5038 | Warning | Could not load winsta.dll%n %1 will continue with Terminal Services features disabled.%n |
| N/A | OAS | N/A | N/A | N/A | 5039 | Warning | The %1 McShield scanning service could not load naiann.dll. Viruses will still be detected but no alerting will occur |
| N/A | OAS | N/A | N/A | N/A | 5040 | Warning | The %1 McShield scanning service could not load functions from naiann.dll Viruses will still be detected but no alerting will occur" |
| N/A | OAS | N/A | N/A | N/A | 5041 | Warning | The %1 McShield scanning service loaded naiann.dll but it reported the wrong version Viruses will still be detected but no alerting will occur |
| N/A | OAS | N/A | N/A | N/A | 5046 | Error | The McShield scanning service cannot find any configuration in the registry%n |
| N/A | OAS | N/A | N/A | N/A | 5047 | Error | The McShield scanning service cannot get the Backup privilege%n Please check that the account McShield is running under has the "Back up files and directories" right. |
| N/A | OAS | N/A | N/A | N/A | 5048 | Error | The McShield scanning service cannot get the Restore privilege%n Please check that the account McShield is running under has the "Back up files and directories" right. |
| N/A | OAS | N/A | N/A | N/A | 5049 | Error | The McShield scanning service cannot get the TakeOwnership privilege%n Please check that the account McShield is running under has the "Take ownership of files and other objects" right. |
| N/A | OAS | N/A | N/A | N/A | 5050 | Error | The McShield scanning service cannot get the TCB privilege%n Please check that the account McShield is running under has the "Act as part of the operating system" right. |
| N/A | OAS | N/A | N/A | N/A | 5051 | Error | A thread in process %1 took longer than %2 ms to complete a request.%n The process will be terminated. Thread id : %3%n Thread address : %4%n Thread message : %n%5 |
| N/A | None | N/A | N/A | N/A | 5052 | Information | The scanning engine installed for this product is becoming close to the end of its designed life. To maintain correct anti-virus capability, it is recommended that the scanning engine be updated as soon as possible. |
| N/A | None | N/A | N/A | N/A | 5053 | Warning | The scanning engine installed for this product is becoming very close to the end of its designed life and its further use can no longer be supported. To maintain correct anti-virus capability, it is now important that the scanning engine is updated as soon as possible. |
| N/A | None | N/A | N/A | N/A | 5054 | Error | The scanning engine installed for this product can no longer provide satisfactory virus protection. To provide correct anti-virus capability, it is now necessary to update the scanning engine. |
| N/A | None | N/A | N/A | N/A | 5055 | Information | This software product is becoming close to the end of its designed life. To maintain correct anti-virus capability, it is recommended that the product be updated as soon as possible. |
| N/A | None | N/A | N/A | N/A | 5056 | Warning | This software product is becoming very close to the end of its designed life and its further use can no longer be supported. To maintain correct anti-virus capability, it is now important that the product is updated as soon as possible. |
| N/A | None | N/A | N/A | N/A | 5057 | Error | This software product can no longer provide satisfactory virus protection. To maintain correct anti-virus capability, it is now necessary that the product be updated. |
| N/A | None | N/A | N/A | N/A | 5059 | Error | Exception in %1.Exe %n Exception details follow : %2 |
| N/A | OAS | N/A | N/A | N/A | 5060 | Error | This product cannot be used on a NetApp filer's scanner server. %n NetShield for NetApp is required. |
| N/A | OAS | N/A | N/A | N/A | 5061 | Warning | FTL.DLL is missing from the product directory or is corrupted.%n On-Access scanning will continue, but no files or directories will be excluded from the scan. |
| N/A | OAS | N/A | N/A | N/A | 5062 | Warning | The version of FTL.DLL in the product directory is incorrect.%n On-Access scanning will continue, but no files or directories will be excluded from the scan. |
| N/A | None | N/A | N/A | N/A | 5063 | Error | MCSCAN32 : A scan request returned an error.%n Engine returned error : %1%n Scan Location : %3%n Object's name : %2%n |
| N/A | OAS | N/A | N/A | N/A | 5064 | Error | MCSCAN32 : Failed to read virus names from extra.dat.%n Engine returned error : %1%n |
| N/A | OAS | N/A | N/A | N/A | 5065 | Warning | The computer was started in safemode. McShield will not apply any Access Protection rules or enable Buffer Overflow Protection.%n |
- wong chee tat :)
No comments:
Post a Comment