Tens of thousands of viruses/malware exist, with more being created each day. Although once most common in DOS or Windows, endpoint viruses today can cause a great amount of damage by exploiting vulnerabilities in corporate networks, email systems and websites.

Virus / Malware Type | Description |
---|---|
Joke program | Joke programs are virus-like programs that often manipulate the appearance of things on the endpoint's monitor. |
Others | "Others" include viruses/malware not categorized under any of the other virus/malware types. |
Packer | Packers are compressed and/or encrypted Windows or Linux™ executable programs, often a Trojan horse program. Compressing executables makes packers more difficult for antivirus products to detect. |
Ransomware | Ransomware is a type of threat that encrypts, modifies, or locks files and then attempts to extort the user into paying some sort of ransom demand to retrieve the data. Some ransomware threats automatically delete the data if the ransom is not paid in time. |
Rootkit | Rootkits are programs (or collections of programs) that install and execute code on a system without end user consent or knowledge. They use stealth to maintain a persistent and undetectable presence on the machine. Rootkits do not infect machines, but rather seek to provide an undetectable environment for malicious code to execute. Rootkits are installed on systems via social engineering, upon execution of malware, or simply by browsing a malicious website. Once installed, an attacker can perform virtually any function on the system, including remote access and eavesdropping, and can hide processes, files, registry keys and communication channels. |
Test virus | Test viruses are inert files that act like a real virus and are detectable by virus-scanning software. Use test viruses, such as the EICAR test script, to verify that your antivirus installation scans properly. |
Trojan horse | Trojan horse programs often use ports to gain access to computers or executable programs. Trojan horse programs do not replicate but instead reside on systems to perform malicious acts, such as opening ports for hackers to enter. Traditional antivirus solutions can detect and remove viruses but not Trojans, especially those already running on the system. |
Virus | Viruses are programs that replicate. To do so, the virus needs to attach itself to other program files and execute whenever the host program executes, including: |
Network Virus | A virus spreading over a network is not, strictly speaking, a network virus. Only some virus/malware types, such as worms, qualify as network viruses. Specifically, network viruses use network protocols, such as TCP, FTP, UDP, HTTP, and email protocols to replicate. They often do not alter system files or modify the boot sectors of hard disks. Instead, network viruses infect the memory of agent endpoints, forcing them to flood the network with traffic, which can cause slowdowns and even complete network failure. Because network viruses remain in memory, they are often undetectable by conventional file I/O based scanning methods. |
Probable virus/malware | Probable viruses/malware are suspicious files that have some of the characteristics of viruses/malware. For details, see the Trend Micro Threat Encyclopedia: https://www.trendmicro.com/vinfo/us/threat-encyclopedia/#malware Note: Clean cannot be performed on probable virus/malware, but the scan action is configurable. |