Evaluation Criteria For Malware Together With Unwanted Software - Windows Defender Safety Intelligence

https://www.microsoft.com/en-us/wdsi/antimalware-support/malware-and-unwanted-software-evaluation-criteria

How Microsoft identifies malware together with potentially unwanted applications

Microsoft aims to render customers amongst the most delightful together with productive Windows sense possible. To assistance attain that, nosotros essay our best to ensure our customers are prophylactic together with inwards command of their devices.

Microsoft gives you lot the information together with tools you lot demand when downloading, installing, together with running software, every bit good every bit tools that protect you lot when nosotros know that something dangerous is happening. Microsoft does this yesteryear identifying together with analyzing software together with online content against criteria described inwards this article.

You tin participate inwards this procedure yesteryear submitting software for analysis. Our analysts together with intelligent systems tin together with then assistance seat undesirable software together with ensure they are covered yesteryear our safety solutions.

Because novel forms of malware together with potentially unwanted applications are beingness developed together with distributed rapidly, Microsoft reserves the correct to adjust, expand, together with update these criteria without prior notice or announcements.

Malware

Malware is the overarching quest applications together with other code, i.e. software, that Microsoft classifies to a greater extent than granularly as malicious software or unwanted software.

Malicious software

Malicious software is an application or code that compromises user security. Malicious software powerfulness pocket your personal information, lock your PC until you lot pay a ransom, job your PC to ship spam, or download other malicious software. In general, malicious software tricks, cheats, or defrauds users, places users inwards vulnerable states, or performs other malicious activities.

Microsoft classifies most malicious software into ane of the next categories:

• Backdoor: A type of malware that gives malicious hackers remote access to together with command of your PC.
• Downloader: A type of malware that downloads other malware onto your PC. It needs to connect to the cyberspace to download files.
• Dropper: A type of malware that installs other malware files onto your PC. Unlike a downloader, a dropper doesn't demand to connect to the cyberspace to driblet malicious files. The dropped files are typically embedded inwards the dropper itself.
• Exploit: A slice of code that uses software vulnerabilities to gain access to your PC together with perform other tasks, such every bit installing malware. See to a greater extent than information close exploits
• Hacktool: A type of tool that tin live on used to gain unauthorized access to your PC.
• Macro virus: A type of malware that spreads through infected documents, such every bit Microsoft Word or Excel documents. The virus is run when you lot opened upwardly an infected document.
• Obfuscator: A type of malware that hides its code together with purpose, making it to a greater extent than hard for safety software to let on or remove.
• Password stealer: A type of malware that gathers your personal information, such every bit user names together with passwords. It oft plant along amongst a keylogger, which collects together with sends information close the keys you lot press together with websites you lot visit.
• Ransomware: A type of malware that encrypts your files or makes other modifications that tin forestall you lot from using your PC. It together with then displays a ransom greenback stating you lot must pay money, consummate surveys, or perform other actions earlier you lot tin job your PC again. See to a greater extent than information close ransomware
• Rogue safety software: Malware that pretends to live on safety software but doesn't render whatever protection. This type of malware ordinarily displays alerts close nonexistent threats on your PC. It also tries to convince you lot to pay for its services.
• Trojan: A type of malware that attempts to seem harmless. Unlike a virus or a worm, a trojan doesn't spread yesteryear itself. Instead it tries to hold off legitimate, tricking users into downloading together with installing it. Once installed, trojans perform a multifariousness of malicious activities, such every bit stealing personal information, downloading other malware, or giving attackers access to your PC.
• Trojan clicker: A type of trojan that automatically clicks buttons or similar controls on websites or applications. Attackers tin job this trojan to click on online advertisements. These clicks tin skew online polls or other tracking systems together with tin fifty-fifty install applications on your PC.
• Worm: A type of malware that spreads to other PCs. Worms tin spread through email, minute messaging, file sharing platforms, social networks, network shares, together with removable drives. Sophisticated worms accept payoff of software vulnerabilities to propagate.

Visit the glossary for to a greater extent than malicious software categories together with definitions of other safety terms.

Unwanted software

Microsoft believes that you lot should receive got command over your Windows experience. Software running on Windows should give-up the ghost along you lot inwards command of your PC through informed choices together with accessible controls. Microsoft identifies software behaviors that ensure you lot rest inwards control. We assort software that does non fully demonstrate these behaviors every bit "unwanted software".

Lack of choice

You must live on notified close what is happening on your PC, including what software does together with whether it is active.

Software that exhibits lack of choice might:

• Fail to render prominent notice close the behaviour of the software together with its role together with intent.
• Fail to clearly dot when the software is active together with powerfulness also essay to cover or disguise its presence.
• Install, reinstall, or withdraw software without your permission, interaction, or consent.
• Install other software without a clear indication of its human relationship to the primary software.
• Circumvent user consent dialogs from the browser or operating system.
• Falsely claim to live on software from Microsoft.

Software must non mislead or coerce you lot into making decisions close your PC. This is considered behaviour that limits your choices. In add-on to the previous list, software that exhibits lack of choice might:

• Display exaggerated claims close your PC's health.
• Make misleading or inaccurate claims close files, registry entries, or other items on your PC.
• Display claims inwards an alarming trend close your PC's wellness together with require payment or certainly actions inwards central for fixing the purported issues.

Software that stores or transmits your activities or information must:

• Give you lot notice together with larn consent to practise so. Software should non include an choice that configures it to cover activities associated amongst storing or transmitting your data.

Lack of control

You must live on able to command software on your computer. You must live on able to start, stop, or otherwise revoke ascendancy to software.

Software that exhibits lack of command might:

• Prevent or bound you lot from viewing or modifying browser features or settings.
• Open browser windows without authorization.
• Redirect spider web traffic without giving notice together with getting consent.
• Modify or manipulate webpage content without your consent.

Software that changes your browsing sense must entirely job the browser's supported extensibility model for installation, execution, disabling, or removal. Browsers that practise non render supported extensibility models volition live on considered non-extensible together with should non live on modified.

Installation together with removal

You must live on able to start, stop, or otherwise revoke ascendancy given to software. Software should obtain your consent earlier installing, together with it must render a clear together with straightforward agency for you lot to install, uninstall, or disable it.

Software that delivers poor installation experience might packet or download other "unwanted software" every bit classified yesteryear Microsoft.

Software that delivers poor removal experience might:

• Present confusing or misleading prompts or pop-ups spell beingness uninstalled.
• Fail to job measure install/uninstall features, such every bit Add/Remove Programs.

Advertising together with advertisements

Software that promotes a production or service exterior of the software itself tin interfere amongst your computing experience. You should receive got clear choice together with command when installing software that presents advertisements.

The advertisements that are presented yesteryear software must:

• Include an obvious agency for users to unopen the advertisement. The deed of closing the promotion must non opened upwardly about other advertisement.
• Include the call of the software that presented the advertisement.

The software that presents these advertisements must:

• Provide a measure uninstall method for the software using the same call every bit shown inwards the promotion it presents.

Advertisements shown to you lot must:

• Be distinguishable from website content.
• Not mislead, deceive, or confuse.
• Not comprise malicious code.
• Not invoke a file download.

Consumer opinion

Microsoft maintains a worldwide network of analysts together with tidings systems where you lot can submit software for analysis. Your participation helps us seat novel malware quickly. After analysis, Microsoft creates definitions for software that meets the described criteria. These definitions seat the software every bit malware together with are available to all users through Windows Defender Antivirus together with other Microsoft antimalware solutions.

Potentially unwanted application (PUA)

Our PUA protection aims to safeguard user productivity together with ensure enjoyable Windows experiences. This optional protection, available to enterprises, helps deliver to a greater extent than productive, performant, together with delightful Windows experiences.

PUAs are non considered malware.

Microsoft uses specific categories together with the category definitions to assort software every bit a PUA.

• Browser advertising software: Software that displays advertisements or promotions, or prompts the user to consummate surveys for other products or services inwards software other than itself. This includes software that inserts advertisements to webpages.
• Torrent software: Software that is used to create or download torrents or other files specifically used amongst peer-to-peer file-sharing technologies.
• Cryptomining software: Software that uses your calculator resources to mine cryptocurrencies.
• Bundling software: Software that offers to install other software that is non digitally signed yesteryear the same entity. Also, software that offers to install other software that qualify every bit PUA based on the criteria outlined inwards this document.
• Marketing software: Software that monitors together with transmits the activities of the user to applications or services other than itself for marketing research.
• Evasion software: Software that actively tries to evade detection yesteryear safety products, including software that behaves differently inwards the presence of safety products.
• Poor manufacture reputation: Software that trusted safety providers let on amongst their safety products. The safety manufacture is dedicated to protecting customers together with improving their experiences. Microsoft together with other organizations inwards the safety manufacture continuously central noesis close files nosotros receive got analyzed to render users amongst the best possible protection.