Malware
The malicious software (malware) category contains events that are related to application exploits and buffer overflow attempts.
The following table describes the low-level event categories and associated severity levels for the malware category.
| Low-level event category | Category ID | Description | Severity level (0 - 10) |
|---|---|---|---|
| Unknown Malware | 6001 | Indicates an unknown virus. | 4 |
| Backdoor Detected | 6002 | Indicates that a back door to the system was detected. | 9 |
| Hostile Mail Attachment | 6003 | Indicates a hostile mail attachment. | 6 |
| Malicious Software | 6004 | Indicates a virus. | 6 |
| Hostile Software Download | 6005 | Indicates a hostile software download to your network. | 6 |
| Virus Detected | 6006 | Indicates that a virus was detected. | 8 |
| Misc Malware | 6007 | Indicates miscellaneous malicious software | 4 |
| Trojan Detected | 6008 | Indicates that a trojan was detected. | 7 |
| Spyware Detected | 6009 | Indicates that spyware was detected on your system. | 6 |
| Content Scan | 6010 | Indicates that an attempted scan of your content was detected. | 3 |
| Content Scan Failed | 6011 | Indicates that a scan of your content failed. | 8 |
| Content Scan Successful | 6012 | Indicates that a scan of your content was successful. | 3 |
| Content Scan in Progress | 6013 | Indicates that a scan of your content is in progress. | 3 |
| Keylogger | 6014 | Indicates that a key logger was detected. | 7 |
| Adware Detected | 6015 | Indicates that Ad-Ware was detected. | 4 |
| Quarantine Successful | 6016 | Indicates that a quarantine action successfully completed. | 3 |
| Quarantine Failed | 6017 | Indicates that a quarantine action failed. | 8 |
| Malware Infection | 6018 | Indicates that a malware infection was detected. | 10 |
| Remove Successful | 6019 | Indicates that the removal was successful. | 3 |
| Remove Failed | 6020 | Indicates that the removal failed. | 8 |