| DisplayName | ID | Target | Algorithm | Source Monitor | Relationship | Category | Enabled | Alert Generate | Accessibility |
| 反恶意软件定义 | Microsoft.FEP.SecurityRootCause.AntimalwareDefinitions.AntimalwareDefinitions.Monitor | Microsoft.FEP.SecurityRootCause.AntimalwareDefinitions | WorstOf | Microsoft.FEP.ProtectedServer.AntimalwareDefinitions.Monitor | Microsoft.FEP.AntimalwareDefinitionsReferencesProtectedServer | Custom | True | False | Public |
| 反恶意软件定义寿命 | Microsoft.FEP.SecurityRootCause.AntimalwareDefinitions.AntimalwareDefinitionsDate.Monitor | Microsoft.FEP.SecurityRootCause.AntimalwareDefinitions | WorstOf | Microsoft.FEP.ProtectedServer.AntimalwareDefinitionsDate.Monitor | Microsoft.FEP.AntimalwareDefinitionsReferencesProtectedServer | Custom | True | False | Public |
| 反恶意软件引擎 | Microsoft.FEP.SecurityRootCause.AntimalwareEngine.AMStatus.Monitor | Microsoft.FEP.SecurityRootCause.AntimalwareEngine | WorstOf | Microsoft.FEP.ProtectedServer.AMStatus.Monitor | Microsoft.FEP.AntimalwareEngineReferencesProtectedServer | Custom | True | False | Public |
| 活动恶意软件 | Microsoft.FEP.SecurityRootCause.MalwareActivity.ActiveMalware.Monitor | Microsoft.FEP.SecurityRootCause.MalwareActivity | WorstOf | Microsoft.FEP.ProtectedServer.ActiveMalware.Monitor | Microsoft.FEP.MalwareActivityReferencesProtectedServer | Custom | True | False | Public |
| 等待执行其他操作 | Microsoft.FEP.SecurityRootCause.MalwareActivity.PendingAdditionalActions.Monitor | Microsoft.FEP.SecurityRootCause.MalwareActivity | WorstOf | Microsoft.FEP.ProtectedServer.PendingAdditionalActions.Monitor | Microsoft.FEP.MalwareActivityReferencesProtectedServer | Custom | True | False | Public |
| 恶意软件爆发 | Microsoft.FEPS.ProtectedServersWatcher.MalwareOutbreak.Monitor | Microsoft.FEP.ProtectedServersWatcher | Percentage | Microsoft.FEP.SecurityRootCause.MalwareActivity.OutbreakMonitor | Microsoft.FEP.ProtectedServersWatcherContainsMalwareActivity | Custom | True | True | Public |