Updates

2025-05-16 15:27:22 +00:00 · 2018-07-31 10:27:52 -07:00 · 2018-07-31 10:27:52 -07:00 · cba4e4d0d7
commit cba4e4d0d7
parent 7640a38b4b
4 changed files with 47 additions and 30 deletions
--- a/windows/security/intelligence/prevent-malware-infection.md
+++ b/windows/security/intelligence/prevent-malware-infection.md
@ -98,6 +98,10 @@ Microsoft provides comprehensive security capabilities that help protect against

 * [Microsoft Exchange Online Protection (EOP)](https://products.office.com/exchange/exchange-email-security-spam-protection) offers enterprise-class reliability and protection against spam and malware, while maintaining access to email during and after emergencies.

+* [Microsoft Safety Scanner](https://www.microsoft.com/wdsi/products/scanner) helps remove malicious software from computers running Windows 10, Windows 10 Tech Preview, Windows 8.1, Windows 8, Windows 7, Windows Server 2016, Windows Server Tech Preview, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, or Windows Server 2008. NOTE: This tool does not replace your antimalware product.
+
+* [Microsoft Security Essentials](https://www.microsoft.com/download/details.aspx?id=5201) provides real-time protection for your home or small business PC that guards against viruses, spyware, and other malicious software. For Windows 7, Windows Vista. See Windows Defender Advanced Threat Protection for later versions of Windows.
+
 * [Microsoft 365](https://docs.microsoft.com/microsoft-365/enterprise/#pivot=itadmin&panel=it-security) includes Office 365, Windows 10, and Enterprise Mobility + Security. These resources power productivity while providing intelligent security across users, devices, and data.

 * [Office 365 Advanced Threat Protection](https://technet.microsoft.com/library/exchange-online-advanced-threat-protection-service-description.aspx) includes machine learning capabilities that block dangerous emails, including millions of emails carrying ransomware downloaders.
--- a/windows/security/intelligence/trojans-malware.md
+++ b/windows/security/intelligence/trojans-malware.md
@ -15,7 +15,7 @@ ms.date: 07/01/2018

 Trojans are a common type of malware which, unlike viruses, can’t spread on their own. This means they either have to be downloaded manually or another malware needs to download and install them.

-Trojans often use the same file names as real and legitimate apps. You might accidentally download a trojan thinking you are downloading a legitimate app.
+Trojans often use the same file names as real and legitimate apps. It is easy to accidentally download a trojan thinking that it is a legitimate app.

 ## How trojans work

@ -23,20 +23,22 @@ Trojans can come in many different varieties, but generally they do the followin

 - Download and install other malware, such as viruses or worms.

- Use your PC for click fraud.
+- Use the infected PC for click fraud.

- Record your keystrokes and the sites you visit.
+- Record keystrokes and websites visited.

- Send information about your PC to a malicious hacker including passwords, login details for websites, and browsing history.
+- Send information about the infected PC to a malicious hacker including passwords, login details for websites, and browsing history.

- Give a malicious hacker control over your PC.
+- Give a malicious hacker control over the infected PC.

 ## How to protect against trojans

 Use the following free Microsoft software to detect and remove it:

- Windows Defender Antivirus for Windows 10 and Windows 8.1, or Microsoft Security Essentials for  previous versions of Windows.
+- [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) for Windows 10 and Windows 8.1, or [Microsoft Security Essentials](https://www.microsoft.com/download/details.aspx?id=5201) for previous versions of Windows.

- Microsoft Safety Scanner
+- [Microsoft Safety Scanner](https://www.microsoft.com/wdsi/products/scanner)

 You should also run a full scan. A full scan might find other, hidden malware.
+
+For more general tips, see [prevent malware infection](prevent-malware-infection.md).
--- a/windows/security/intelligence/unwanted-software.md
+++ b/windows/security/intelligence/unwanted-software.md
@ -14,36 +14,47 @@ ms.date: 07/01/2018

 Unwanted software are programs that alter your Windows experience without your consent or control. The altered experience can be in the form of modified browsing experience, lack of control over downloads and installation, misleading messages, or unauthorized changes to Windows settings.

-## How does unwanted software get into my PC?
+## How does unwanted software get infect PCs?

-You may get unwanted software when you search for and download applications from the Internet. Some applications are software bundlers, which means that they are packed with other applications. As a result, when you install the application you originally searched for, you may inadvertently install other programs that you may not want or need.
+Unwanted software can be introduced when a user searches for and downloads applications from the Internet. Some applications are software bundlers, which means that they are packed with other applications. As a result, other programs can be inadvertently installed when the original application is downloaded.

-Here are some indications that you have unwanted software on your PC:
+Here are some indications there is unwanted software on your PC:

- You see programs that you did not install and that may be difficult to uninstall
+- There are programs that you did not install and that may be difficult to uninstall

- Your browser features or settings changed, and you can’t view or modify them
+- Browser features or settings have changed, and you can’t view or modify them

- You see excessive messages about your PC’s system health or about files and programs in your PC
+- There are excessive messages about your PC’s system health or about files and programs in your PC

- You see ads that you cannot easily close
+- There are ads that cannot be easily closed

-Some unwanted behaviors are harder to recognize. Some unwanted software, for example, modify web pages to display specific ads, monitor your browsing activities, or remove control of your browser. You need antivirus products, such as Windows Defender Antivirus (Windows Defender AV), to detect and remove these unwanted software. Microsoft uses an extensive [evaluation criteria](https://www.microsoft.com/wdsi/antimalware-support/malware-and-unwanted-software-evaluation-criteria) to identify unwanted software.
+Some unwanted behaviors are harder to recognize. Some unwanted software, for example, modify web pages to display specific ads, monitor browsing activities, or remove control of the browser.
+
+Microsoft uses an extensive [evaluation criteria](https://www.microsoft.com/wdsi/antimalware-support/malware-and-unwanted-software-evaluation-criteria) to identify unwanted software.

 ## How do I protect my PC against unwanted software?

 To prevent unwanted software infection, download software only from official websites, or from the Microsoft Store. Be wary of downloading software from third-party sites.

-Use Microsoft Edge when browsing the Internet. Microsoft Edge includes additional protections that effectively block browser modifiers that can change your browser settings. Microsoft Edge also blocks known websites hosting unwanted software using Windows Defender SmartScreen (also used by Internet Explorer).
+Use [Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/index) when browsing the Internet. Microsoft Edge includes additional protections that effectively block browser modifiers that can change your browser settings. Microsoft Edge also blocks known websites hosting unwanted software using [SmartScreen](https://docs.microsoft.com/en-us/microsoft-edge/deploy/index) (also used by Internet Explorer).

-Enable Windows Defender AV in Windows 10. It provides real-time protection against threats and detects and removes known unwanted software.
+Enable [Windows Defender AV](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) in Windows 10. It provides real-time protection against threats and detects and removes known unwanted software.

-If you suspect that you have unwanted software your PC, you can [submit files for analysis](https://www.microsoft.com/wdsi/filesubmission).
+Download [Microsoft Security Essentials](https://www.microsoft.com/download/details.aspx?id=5201) for real-time protection in Windows 7 or Windows Vista.
+
+For more general tips, see [prevent malware infection](prevent-malware-infection.md).

 ## What should I do if my PC is infected? 

-Some unwanted software add uninstallation entries, which means that you can remove them from your PC using Settings. Select the Start button, then go to **Settings > Apps > Apps & features**. Select the app you want to uninstall, then click **Uninstall**. If you only recently noticed symptoms of unwanted software infection, consider sorting the apps by install date, and then uninstall the most recent apps that you did not install.
+If you suspect that you have unwanted software your PC, you can [submit files for analysis](https://www.microsoft.com/wdsi/filesubmission).

-You may also need to remove browser add-ons in your browsers, such as Internet Explorer, Firefox, or Chrome.
+Some unwanted software adds uninstallation entries, which means that you can **remove them from the PC using Settings**. 
+1. Select the Start button
+2. Go to **Settings > Apps > Apps & features**. 
+3. Select the app you want to uninstall, then click **Uninstall**. 

-Some unwanted software can be more difficult to remove. Run a full scan using Windows Defender AV to remove unwanted software, malware, and threats.
+If you only recently noticed symptoms of unwanted software infection, consider sorting the apps by install date, and then uninstall the most recent apps that you did not install.
+
+You may also need to **remove browser add-ons** in your browsers, such as Internet Explorer, Firefox, or Chrome.
+
+In case threat removal is unsuccessful, read about [troubleshooting malware detection and removal problems](https://www.microsoft.com/wdsi/help/troubleshooting-infection).
--- a/windows/security/intelligence/worms-malware.md
+++ b/windows/security/intelligence/worms-malware.md
@ -21,11 +21,11 @@ Worms represent a large category of malware. Different worms use different metho

 Jenxcus (also known as Dunihi), Gamarue (also known as Androm), and Bondat have consistently remained at the top of the list of malware that infect users running Microsoft security software. Although these worms share some commonalities, it is interesting to note that they also have distinct characteristics.

-Jenxcus has capabilities of not only infecting removable drives but can also act as a backdoor that connects back to its server. This threat typically gets into a PC from a drive-by download attack, meaning it's installed when users just visit a compromised webpage.
+* **Jenxcus** has capabilities of not only infecting removable drives but can also act as a backdoor that connects back to its server. This threat typically gets into a PC from a drive-by download attack, meaning it's installed when users just visit a compromised webpage.

-Gamarue typically arrives through spam campaigns, exploits, downloaders, social networking sites, and removable drives. When Gamarue infects a PC, it becomes a distribution channel for other malware. We’ve seen it distribute other malware such as infostealers, spammers, clickers, downloaders, and rogues.
+* **Gamarue** typically arrives through spam campaigns, exploits, downloaders, social networking sites, and removable drives. When Gamarue infects a PC, it becomes a distribution channel for other malware. We’ve seen it distribute other malware such as infostealers, spammers, clickers, downloaders, and rogues.

-Bondat typically arrives through fictitious Nullsoft Sciptable Install System (NSIS) Java installers and removable drives. When Bondat infects a system, it gathers information about the machine such as PC name, Globally Unique Identifier (GUID), and OS build. It then sends that information to a remote server.
+* **Bondat** typically arrives through fictitious Nullsoft Sciptable Install System (NSIS) Java installers and removable drives. When Bondat infects a system, it gathers information about the machine such as PC name, Globally Unique Identifier (GUID), and OS build. It then sends that information to a remote server.

 Both Bondat and Gamarue have clever ways of obscuring themselves to evade detection. By hiding what they are doing on your PC they try to avoid detection by your security software.

@ -37,10 +37,10 @@ This image shows how a worm can quickly spread through a shared USB drive.

 ## How to protect against worms

-Use the following free Microsoft software to detect and remove it:
+Enable [Windows Defender AV](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) in Windows 10. It provides real-time protection against threats and detects and removes known unwanted software.

-* Windows Defender for Windows 10, and Windows 8.1
+Download [Microsoft Security Essentials](https://www.microsoft.com/download/details.aspx?id=5201) for real-time protection in Windows 7 or Windows Vista.

-* Microsoft Safety Scanner for Windows 7 and Windows Vista
+In case threat removal is unsuccessful, read about [troubleshooting malware detection and removal problems](https://www.microsoft.com/wdsi/help/troubleshooting-infection).

-You should also run a full scan find other, hidden malware. If you still can't remove it, visit our advanced troubleshooting page for more help.
+For more general tips, see [prevent malware infection](prevent-malware-infection.md).