Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Malware

 

The malicious software (malware) category contains events that are related to application exploits and buffer overflow attempts.

The following table describes the low-level event categories and associated severity levels for the malware category.

Table 1: Low-level Categories and Severity Levels for the Malware Events Category

Low-level event category

Category ID

Description

Severity level (0 - 10)

Unknown Malware

6001

Indicates an unknown virus.

4

Backdoor Detected

6002

Indicates that a back door to the system was detected.

9

Hostile Mail Attachment

6003

Indicates a hostile mail attachment.

6

Malicious Software

6004

Indicates a virus.

6

Hostile Software Download

6005

Indicates a hostile software download to your network.

6

Virus Detected

6006

Indicates that a virus was detected.

8

Misc Malware

6007

Indicates miscellaneous malicious software

4

Trojan Detected

6008

Indicates that a trojan was detected.

7

Spyware Detected

6009

Indicates that spyware was detected on your system.

6

Content Scan

6010

Indicates that an attempted scan of your content was detected.

3

Content Scan Failed

6011

Indicates that a scan of your content failed.

8

Content Scan Successful

6012

Indicates that a scan of your content was successful.

3

Content Scan in Progress

6013

Indicates that a scan of your content is in progress.

3

Keylogger

6014

Indicates that a key logger was detected.

7

Adware Detected

6015

Indicates that Ad-Ware was detected.

4

Quarantine Successful

6016

Indicates that a quarantine action successfully completed.

3

Quarantine Failed

6017

Indicates that a quarantine action failed.

8

Malware Infection

6018

Indicates that a malware infection was detected.

10

Remove Successful

6019

Indicates that the removal was successful.

3

Remove Failed

6020

Indicates that the removal failed.

8

Related Documentation