Beth Levin
2018-08-14 10:16:23 -07:00
parent f454c85372
commit 79d514c324
8 changed files with 47 additions and 45 deletions

@ -24,13 +24,15 @@ Many modern malware families use rootkits to try and avoid detection and removal
* [Alureon](http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Win32%2fAlureon)
* [Sirefef](http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Win32%2fSirefef)
* [Cutwail](http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Win32%2fCutwail)
* [Datrahere](https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win64/Detrahere) (Zacinlo)
* [Rustock](http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Win32%2fRustock)
* [Sinowal](http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Win32%2fSinowal)
* [Cutwail](http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Win32%2fCutwail)
* [Sirefef](http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Win32%2fSirefef)
## How to protect against rootkits
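Review bot: The new Zacinlo entry spells the family "Datrahere" in the link text, but the URL it points to names the threat Trojan:Win64/Detrahere, so the two spellings disagree; make the link text match the encyclopedia name. This is also the only entry in the list that uses the https wdsi URL form, while the others keep the older http://www.microsoft.com/security/portal/ addresses. Consider moving them to the same form so the list does not mix link styles.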
@ -46,10 +48,11 @@ For more general tips, see [prevent malware infection](prevent-malware-infection
### What if I think I have a rootkit on my PC?
Microsoft security software includes a number of technologies designed specifically to remove rootkits. If you think you might have a rootkit on your PC, and your antimalware software isnt detecting it, you might need an extra tool that lets you boot to a known trusted environment.
Microsoft security software includes a number of technologies designed specifically to remove rootkits. If you think you might have a rootkit on your device and your antimalware software isnt detecting it, you might need an extra tool that lets you boot to a known trusted environment.
In this case, use [Windows Defender Offline](http://windows.microsoft.com/windows/what-is-windows-defender-offline).
Windows Defender Offline is a standalone tool that has the latest anti-malware updates from Microsoft. Its designed to be used on PCs that aren't working correctly due to a possible malware infection.
[Windows Defender Offline](http://windows.microsoft.com/windows/what-is-windows-defender-offline) can be launched from Windows Security Center and has the latest anti-malware updates from Microsoft. Its designed to be used on PCs that aren't working correctly due to a possible malware infection.
[System Guard](https://cloudblogs.microsoft.com/microsoftsecure/2017/10/23/hardening-the-system-and-maintaining-integrity-with-windows-defender-system-guard/) provides in Windows 10 to protect against rootkits and threats that impact system integrity
### What if I cant remove a rootkit?
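Review bot: The added System Guard sentence is incomplete: "provides in Windows 10 to protect against rootkits" gives "provides" no object, and the line has no closing period. State what System Guard provides, or reword it along the lines of "System Guard in Windows 10 protects against rootkits and threats that impact system integrity." In the same hunk the first paragraph now says "device", but the reworked Windows Defender Offline paragraph still says "PCs" and the heading above still says "PC"; pick one term and use it throughout the section.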