About virus and security risks
Symantec Endpoint Protectionscans for both viruses and for security risks. Viruses and security risks can arrive through email messages or instant messenger programs. Often a user unknowingly downloads a risk by accepting an End User License Agreement from a software program.
Many viruses and security risks are installed as drive-by downloads. These downloads usually occur when users visit malicious or infected Web sites, and the application's downloader installs through a legitimate vulnerability on the computer.
You can change the action that
Symantec Endpoint Protectiontakes when it detects a virus or a security risk. For Windows clients, the security risk categories are dynamic and change over time as Symantec collects information about risks. See:
You can view information about specific virus and security risks on the Symantec Security Response Web site.
Programs or code that attach a copy of themselves to another computer program or file when it runs. When the infected program runs, the attached virus program activates and attaches itself to other programs and files.
The following types of threats are included in the virus category:
Programs that deliver any advertising content.
Messages that Web servers send to Web browsers for the purpose of identifying the computer or user.
Programs that use a computer, without the user's permission or knowledge, to dial out through the Internet to a 900 number or FTP site. Typically, these numbers are dialed to accrue charges.
Programs that hackers use to gain unauthorized access to a user's computer. For example, one hacking tool is a keystroke logger, which tracks and records individual keystrokes and sends this information back to the hacker. The hacker can then perform port scans or vulnerability scans. Hacking tools may also be used to create viruses.
Programs that alter or interrupt the operation of a computer in a way that is intended to be humorous or frightening. For example, a joke program might move the recycle bin away from the mouse when the user tries to delete an item.
Applications that intentionally misrepresent the security status of a computer. These applications typically masquerade as security notifications about any fake infections that must be removed.
Parental control programs
Programs that monitor or limit computer usage. The programs can run undetected and typically transmit monitoring information to another computer.
Remote access programs
Programs that allow access over the Internet from another computer so that they can gain information or attack or alter a user's computer.
Security assessment tool
Programs that are used to gather information for unauthorized access to a computer.
Stand-alone programs that can secretly monitor system activity and detect passwords and other confidential information and relay it back to another computer.
Stand-alone or appended applications that trace a user's path on the Internet and send information to the controller or hacker's system.