Windows Dev Center

MSFT_MpThreat class

This is a singleton that represents the Microsoft Antimalware service infection status

The following syntax is simplified from Managed Object Format (MOF) code and includes all of the inherited properties.

Syntax

class MSFT_MpThreat : BaseStatus
{
  string  SchemaVersion = 1.0.0.0";
  sint64  ThreatID;
  string  ThreatName;
  uint8   SeverityID;
  uint8   CategoryID;
  uint8   TypeID;
  uint32  RollupStatus;
  string  Resources[];
  boolean DidThreatExecute = false;
  boolean IsActive = false;
};

Members

The MSFT_MpThreat class has these types of members:

Methods

The MSFT_MpThreat class has these methods.

MethodDescription
Remove

TBD

 

Properties

The MSFT_MpThreat class has these properties.

CategoryID
Data type: uint8
Access type: Read-only

Category ID - Enumeration

INVALID (0)
ADWARE (1)
SPYWARE (2)
PASSWORDSTEALER (3)
TROJANDOWNLOADER (4)
WORM (5)
BACKDOOR (6)
REMOTEACCESSTROJAN (7)
TROJAN (8)
EMAILFLOODER (9)
KEYLOGGER (10)
DIALER (11)
MONITORINGSOFTWARE (12)
BROWSERMODIFIER (13)
COOKIE (14)
BROWSERPLUGIN (15)
AOLEXPLOIT (16)
NUKER (17)
SECURITYDISABLER (18)
JOKEPROGRAM (19)
HOSTILEACTIVEXCONTROL (20)
SOFTWAREBUNDLER (21)
STEALTHNOTIFIER (22)
SETTINGSMODIFIER (23)
TOOLBAR (24)
REMOTECONTROLSOFTWARE (25)
TROJANFTP (26)
POTENTIALUNWANTEDSOFTWARE (27)
ICQEXPLOIT (28)
TROJANTELNET (29)
FILESHARINGPROGRAM (30)
MALWARE_CREATION_TOOL (31)
REMOTE_CONTROL_SOFTWARE (32)
TOOL (33)
TROJAN_DENIALOFSERVICE (34)
TROJAN_DROPPER (36)
TROJAN_MASSMAILER (37)
TROJAN_MONITORINGSOFTWARE (38)
TROJAN_PROXYSERVER (39)
VIRUS (40)
KNOWN (42)
UNKNOWN (43)
SPP (44)
BEHAVIOR (45)
VULNERABILTIY (46)
POLICY (47)
DidThreatExecute
Data type: boolean
Access type: Read-only

Specifies if threat has executed

IsActive
Data type: boolean
Access type: Read-only

Specifies if the threat is active

Resources
Data type: string array
Access type: Read-only

List of resources affected by the threat

RollupStatus
Data type: uint32
Access type: Read-only

Threat Rollup Status

SchemaVersion
Data type: string
Access type: Read-only

The Schema Version

SeverityID
Data type: uint8
Access type: Read-only

Severity ID - Enumeration

Unknown (0)
Low (1)
Moderate (2)
High (3)
Severe (4)
ThreatID
Data type: sint64
Access type: Read-only
Qualifiers: Key

Unique Detection ID

ThreatName
Data type: string
Access type: Read-only

The name of the threat

TypeID
Data type: uint8
Access type: Read-only

Type ID - Enumeration

Known Bad (0)
Behavior (1)
Unknown (2)
Known Good (3)
NRI (4)

Requirements

Minimum supported client

Windows 8.1 [desktop apps only]

Minimum supported server

Windows Server 2012 R2 [desktop apps only]

Namespace

Root\Microsoft\Windows\Defender

MOF

Protectionmanagement.mof

 

 

Community Additions

ADD
Show:
© 2015 Microsoft