Spyware/Grayware Log

Logs > Log Query > Spyware/Grayware Log

Logs include the name of the Internet threat, date and time of detection, the name and path of the infected file, action taken, User ID, and the means of detection (real-time scan, manual scan).

Check the Trend Micro Virus Encyclopedia for a detailed description of any Internet threat IWSVA detects, including clean-up routines (if appropriate).

For the http and access logs, you can refer to /var/iwss/urlfcMapping.ini to learn the meanings of the category codes.

Time period—Display logs for current day, week, month, or "All Dates."
Range—Choose a start and end date to define the time period for which you want to view logs (inclusive). If logs from the start date are no longer on the server (or database), the earliest available logs will be displayed.

Grayware—Select the type of grayware you want to include in the logs. If more than one instance of the same type occurred, for example, the same grayware or spyware was detected multiple times, all instances will be displayed.
Protocol—Select the protocol type(s) for which you want to view logs.

Sort by—Choose the order in which you want IWSVA to group the logs:

Grayware—The name of the detected virus, worm, Trojan, and so on. Click this name to open the Trend Micro Virus Encyclopedia for the given threat type
Date—The date and time of the request
Action—The action taken: delete, quarantine, pass; spyware and grayware do not infect a file and cannot be cleaned
Category—The malware type: spyware, adware, dialers, jokes, and so on
Scan Type—The IWSVA scanning module that detected the malware: virus scan, PhishTrap, content filter, etc.
File Name—The name of the malware
User ID—The user whose Internet download or upload contained the threat

Note: Depends on the User ID method selected in Administration > IWSVA Configuration > User Identification | User Identification.

Protocol—The protocol type used for the connection

Spyware/Grayware Log

See also