Table sem5.dbo.VIRUS
Keeps the list of threats found in the network

Generated by
SchemaSpy
Legend:
Primary key columns
Columns with indexes
Implied relationships
Excluded column relationships
< n > number of related tables
 
Column Type Size Nulls Auto Default Children Parents Comments
VIRUSNAME_IDX char 32
VIRUSNAME nvarchar 510 ('') Name of virus / threat
CATEGORY int 4 ((-1)) Current category (as downloaded from Symantec's web site). Values are 1 through 5 where 1 is very low and 5 is very severe. -1 means unknown or not applicable. This rating is only applicable to viral threats.
MAXCATEGORY int 4 ((-1)) Maximum category that the virus has reached. Values are 1 through 5. -1 means unknown or not applicable. This rating is only applicable to viral threats.
TYPE int 4  √  (NULL) Threat type:
0 = Viral
1 = Non-Viral malicious
2 = Malicious
3 = Antivirus - Heuristic
4 = Security risk
5 = Hack tool
6 = Spyware
7 = Trackware
8 = Dialer
9 = Remote access
10 = Adware
11 = Jokeware
12 = Client compliancy
13 = Generic load point
14 = Proactive Threat Scan - Heuristic
15 = Cookie
TYPE2 int 4  √  (NULL) Threat location:
0 = Boot virus
1 = File virus
2 = Mutation virus
3 = Macro virus
4 = File virus
5 = File virus
6 = Memory virus
7 = Memory OS virus
8 = Memory mcb virus
9 = Memory highest virus
11 = Virus behavior
12 = Virus behavior
13 = Compressed file
14 = Heuristic
DISCOVERED datetime 16,3 ('19700101') When threat was first discovered by Symantec (as downloaded from Symantec's web site)
VID bigint 8 ((0)) Unique identifier for a virus set by Security Response
USN bigint 8 ((1)) A USN-based serial number; this ID is not unique.
TIME_STAMP bigint 8 ((0)) The time when the event is logged into system (GMT), which is server side time
DELETED tinyint 1 ((0)) Deleted row: 0 = Not deleted, 1 = deleted
PATTERN_IDX char 32 ('') Pointer to table 'pattern', that protects against this threat/virus
TOP_THREAT tinyint 1 ((0)) 0 = Not a top threat, 1 = top threat
LATEST_THREAT tinyint 1 ((0)) 0 = not a latest threat, 1 = latest threat
STEALTH int 4 ((-1)) Assesses how easy it is to determine if a security risk is present on a computer. 0 = No rating, 1,2 = Low, 3 = Medium, 4> = High, -1 means not applicable. This rating is only applicable to non-viral threats.
REMOVAL int 4 ((-1)) Skill level required to remove the threat from a given computer. 0 = No rating, 1,2 = Low, 3 = Medium, 4 >= High, -1 means not applicable. This rating is only applicable to non-viral threats.
PERFORMANCE int 4 ((-1)) Measures the negative impact that the presence of a security risk has on the computer's performance. 0= No rating, 1,2= Low, 3= Medium, 4>= High, -1 means not applicable. This rating is only applicable to non-viral threats.
PRIVACY int 4 ((-1)) The level of privacy that is lost due to the presence of a security risk on a computer. 0= No rating, 1, 2 = Low, 3 = Medium, 4 >= High, -1 means not applicable. This rating is only applicable to non-viral threats.
DEPENDENCY int 4 ((-1)) Number of dependent components that risk installs. 0 = No rating, 1, 2 = Low, 3 = Medium, 4 >= High, -1 means not applicable. This rating is only applicable to non-viral threats.
OVERALL int 4 ((-1)) An average of all the security risk ratings. This rating is only applicable to non-viral threats.
DYNAUBER int 4  √  (NULL) Uber category for the risk threat. Links to VIRUSCATEGORY table.
DYNACAT int 4  √  (NULL) Sub category ID for the risk threat. Links to VIRUSCATEGORY table.
DETECTION_TYPE int 4 ((-1)) Detection type

Analyzed at Mon Oct 29 12:07 PDT 2012

Indexes:
Column(s) Type Sort Constraint Name
VIRUSNAME_IDX Primary key Asc PK_VIRUS
VIRUSNAME_IDX + VIRUSNAME + CATEGORY + TYPE2 + TYPE + DISCOVERED Performance Asc/Asc/Asc/Asc/Asc/Asc I_VIRUS_IDX_PLUS
LATEST_THREAT + VIRUSNAME Performance Asc/Asc I_VIRUS_LATEST_THREAT_PLUS
TOP_THREAT + VIRUSNAME Performance Asc/Asc I_VIRUS_TOP_THREAT_PLUS
VIRUSNAME + DELETED Performance Asc/Asc I_VIRUS_VIRUSNAME_DELETED
VIRUSNAME_IDX + DYNAUBER + VIRUSNAME + CATEGORY + TYPE2 + DISCOVERED Performance Asc/Asc/Asc/Asc/Asc/Asc I_VIRUS_VIRUSNAME_PLUS