Categories

Spyware:
Shavlik classifies software as " Spyware" when a program is installed without a user's consent or knowledge. This classification is also used for software that tracks a user's habits, personally identifiable information or other computer content which is transmitted from the victim's computer and relayed to a third party.

Adware:
Shavlik classifies software as "Adware" when a program's primary purpose is to display contextual advertising to an end user.

Malware:
Shavlik classifies software as " Malware" when the software exploits security flaws to download and install itself or other software on a user’s machine. Such software may additionally change user settings or preferences, resist removal attempts or from functioning.

Non BizWare:
Shavlik classifies software as "NonBizWare" when the software is of questionable utility in a work environment or corporate network. Such programs include, but are not limited to, games, peer-to-peer file sharing programs or programs which may violate corporate policies for "computer security" such as pornography or communication applications.

Protection:
Signatures in the protection category are computer and browser configurations that prevent and pre-empt unwanted software installations

Classes

• Note that Shavlik Technologies may add, remove or change the definitions of Classes from time to time.

Advertising:
Any program that displays advertising to end users. The ads may be in the form of pop-ups, pop-unders or any other method.

Annoyances:
Any program that is a nuisance to a user or network.

Backdoor:
Any program designed to allow remote access to a target machine. Software classified as a backdoor can also be designed to circumvent security measures and exploit security vulnerabilities.

Browser Hijacker:
Any program that changes browser settings or functionality . This includes, but is not limited to, home page settings, search page settings and other browser-related security policy settings.

Cookies:
A file, typically created by a website that tracks interaction with that website.

Cracker:
A program which attempts to break account passwords on a victim's computer.

Dialer:
Any program that uses a victim's modem to dial a phone number or to change a computer's dial up connection settings.

Downloader:
Any program that downloads unwanted programs and installs them on a user’s computer.

Extraneous Program:
A program which does not have a legitimate business function in a corporate environment.

Game:
Any program that is designed as a game or gaming service.

Keylogger:
Any program that monitors keystrokes and other user input.

P2P Program:
Any program that is used for peer-to-peer sharing.

Pornography:
Any program that displays or facilitates the handling of pornographic materials.

Privacy Browser Plug-in:
Any browser plug-in that impacts a user’s privacy.

Rootkit:
Any program that installs itself as a rootkit. Rootkits are objects that attempt to hide from the normal Microsoft® Windows® API.

Search Tracking:
Any program that tracks a user’s search habits.

Shopping:
Any program which promotes purchasing merchandise.

Usage Tracking:
Any program that monitors and/or reports user habits.

Risk Rating

Low:
This category of software poses a minor risk to a network. Additional research and appropriate action should be taken if warranted; if the program was intentionally installed or does not violate company policy, it can safely be disregarded.

Moderate:
This category of software poses a medium risk to a network. This threat category should be investigated and addressed as time permits.

Important:
This category of software poses a considerable risk to a network. This threat category should be mitigated as soon as possible.

Critical:
This category of software poses a hazardous risk to a network. This is a top priority threat and should be mitigated immediately.

Impact Area

Confidentiality:
Software that impacts confidentiality relates to unauthorized information disclosure. Areas of concern that relate to confidentiality include corporate or personal data files and user behavior.

Integrity:
Software that impacts integrity relates to unauthorized usage of network, computer, or software resources affecting the operations of those systems by changing what they do or how they perform. Areas of concern that relate to integrity include data that should not be altered, manipulated or destroyed in an unauthorized manner.

Availability:
Software that impacts availability relates to making computer resources available for employees and customers to use for business purposes. Areas of concern that relate to availability include keeping applications, networks, computers, and data accessible to authorized users or entities.

Non-Business:
Software that degrades or detracts from the legitimate business use of corporate computer resources is the focus of a "non-business" impact. Areas of concern that relate to non-business activities include software which does not meet business functions such as games or inappropriate materials that violate company policy.

Productivity:
Software that impacts productivity reduces the amount of work an employee or computer system may accomplish. Areas of concern that relate to productivity include software which diverts computer resources for its own use, or which render a user's computer functionally inoperable.