Cisco Cisco Web Security Appliance S380 User Guide

A malware scanning verdict is a value assigned to a URL request or server response that determines the 
probability that it contains malware. The scanning engines return the malware scanning verdict to the 
DVS engine so the DVS engine can determine whether to monitor or block the scanned object.

They are the result of proprietary calculations that associate a numerical value to the probability that 
either the URL request or the response content contains malware. Each malware scanning verdict 
corresponds to a malware category listed on the Access Policies > Reputation and Anti-Malware Settings 
page when you edit the anti-malware settings for a particular Access Policy.

Webroot, McAfee, and Sophos scanning engines can return malware scanning verdicts to the DVS 
engine. For more information about how the DVS engine handles malware scanning verdicts, see 

 lists the different Malware Scanning Verdict Values and each malware category with which 

they correspond. 

-

Not  Set

0 Unknown

1 Not 

Scanned

2 Timeout

3 Error

4 Unscannable

10 Generic 

Spyware

12 

Browser Helper Object

13 Adware

14 System 

Monitor

18 Commercial 

System 

Monitor

19 Dialer

20 Hijacker

21 Phishing 

URL

22 Trojan 

Downloader

23 Trojan 

Horse

24 Trojan 

Phisher

25 Worm

26 Encrypted 

File

27 Virus

33 Other 

Malware

34 PUA

35 Aborted

36 Outbreak 

Heuristics