Malware
The malicious software (malware) category contains events that are related to application exploits and buffer overflow attempts.
The following table describes the low-level event categories and associated severity levels for the malware category.
Low-level event category |
Category ID |
Description |
Severity level (0 - 10) |
|---|---|---|---|
Unknown Malware |
6001 |
Indicates an unknown virus. |
4 |
Backdoor Detected |
6002 |
Indicates that a back door to the system was detected. |
9 |
Hostile Mail Attachment |
6003 |
Indicates a hostile mail attachment. |
6 |
Malicious Software |
6004 |
Indicates a virus. |
6 |
Hostile Software Download |
6005 |
Indicates a hostile software download to your network. |
6 |
Virus Detected |
6006 |
Indicates that a virus was detected. |
8 |
Misc Malware |
6007 |
Indicates miscellaneous malicious software |
4 |
Trojan Detected |
6008 |
Indicates that a trojan was detected. |
7 |
Spyware Detected |
6009 |
Indicates that spyware was detected on your system. |
6 |
Content Scan |
6010 |
Indicates that an attempted scan of your content was detected. |
3 |
Content Scan Failed |
6011 |
Indicates that a scan of your content failed. |
8 |
Content Scan Successful |
6012 |
Indicates that a scan of your content was successful. |
3 |
Content Scan in Progress |
6013 |
Indicates that a scan of your content is in progress. |
3 |
Keylogger |
6014 |
Indicates that a key logger was detected. |
7 |
Adware Detected |
6015 |
Indicates that Ad-Ware was detected. |
4 |
Quarantine Successful |
6016 |
Indicates that a quarantine action successfully completed. |
3 |
Quarantine Failed |
6017 |
Indicates that a quarantine action failed. |
8 |
Malware Infection |
6018 |
Indicates that a malware infection was detected. |
10 |
Remove Successful |
6019 |
Indicates that the removal was successful. |
3 |
Remove Failed |
6020 |
Indicates that the removal failed. |
8 |