Preventing your Windows PC from being infected by malware
This malware prevention guide is intended for the average/above average home user who wants to protect their PC using Anti-Malware products and techniques. Some of these solutions are free, some aren’t. If you follow this guide then there’s no reason for you to ask “what’s the best way to protect my PC from being infected?”. If you’d like to add another way to protect your PC from malware please add it as a comment below.
- Make sure your PC is set up to install Windows critical and security updates. Updates are one of the most important ways you can prevent your PC from being infected. By default Windows updates are installed at 3 am. If your PC is asleep or turned off your updates will NOT be installed. Either make sure your PC is on at 3 am or change the install time to when your PC is turned on. You MUST reboot after your updates have been installed. Installing your Windows updates is super critical. If you need step-by-step instructions you can find them here.
- Install the latest version of Adobe Reader. You will be notified when Adobe Reader updates are available. Install them!
- Install the latest version of Adobe Flash Player. You will be notified when Adobe Flash Player updates are available. Install them!
- Install the latest version of the browser you are using.
For IE – Check for updates.
- If you don’t want to look for updates manually you can use something like Secunia (read more here: http://secunia.com/vulnerability_scanning/personal/).
- Turn off Autorun / Autoplay. Lots of people use flash drives, they’re great. However, worms like them too (like Conficker). If you insert a flash drive with a worm on it the worm will jump from USB to the PC instantly (and vice versa). Turning off autorun minimizes the chance that the worm will automatically jump from the flash drive to the PC.
How to disable autorun/autoplay in any version of Windows
- Buy a new AntiVirus every year. Download it or go to the store, doesn’t matter. 95% of the new clients I meet believe they have the latest antivirus because they are renewing their antivirus subscription. Not true. They are simply receiving antivirus database updates, not program updates. Some antivirus applications may do program updates automatically, however I barely see this. If you want an Antivirus / Antimalware that works really well right outta the box then grab Symantec’s Norton Internet Security (NIS). The latest versions of NIS are extremely light on your system and very effective at preventing malware. If you can’t afford to pay for antivirus then I currently recommend either Avast Antivirus Free.
- Install some realtime “companion” anti-malware. Companion anti-malware, like MalwareBytes Pro, works alongside your anti-virus without slowing your computer down while drastically increasing your protection.
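For the "Turn off Autorun / Autoplay" step above, this added PowerShell example (not part of the original guide) reports which drive types still have AutoRun enabled and, with `-Fix`, turns it off for all of them. It assumes the standard `NoDriveTypeAutoRun` policy value under the Explorer policies key, which the guide itself does not name; the `-Fix` switch and the function name are made up for this example.

```powershell
# Added example: audit (and optionally set) the AutoRun policy value.
# Changing the HKLM value requires an elevated (Administrator) prompt.
param([switch]$Fix)   # -Fix is a switch defined for this example only

$policyPath = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$valueName  = 'NoDriveTypeAutoRun'

# In this bitmask a SET bit means AutoRun is DISABLED for that drive type.
$driveBits = [ordered]@{
    'Unknown type'    = 0x01
    'Removable (USB)' = 0x04
    'Fixed disk'      = 0x08
    'Network drive'   = 0x10
    'CD/DVD'          = 0x20
    'RAM disk'        = 0x40
}

function Get-AutoRunMask {
    param([string]$Hive)   # 'HKLM' (all users) or 'HKCU' (current user)
    $item = Get-ItemProperty -Path "${Hive}:\$policyPath" -Name $valueName `
                             -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }   # key or value is absent
    return [int]$item.$valueName
}

foreach ($hive in 'HKLM', 'HKCU') {
    $mask = Get-AutoRunMask -Hive $hive
    if ($null -eq $mask) {
        Write-Output "${hive}: $valueName not set (Windows default applies)"
        continue
    }
    Write-Output ("{0}: {1} = 0x{2:X2}" -f $hive, $valueName, $mask)
    foreach ($name in $driveBits.Keys) {
        $state = if ($mask -band $driveBits[$name]) { 'disabled' } else { 'ENABLED' }
        Write-Output ("  AutoRun {0,-8} for {1}" -f $state, $name)
    }
}

if ($Fix) {
    # 0xFF sets every bit, so AutoRun is off for every drive type.
    $key = "HKLM:\$policyPath"
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    Set-ItemProperty -Path $key -Name $valueName -Value 0xFF -Type DWord
    Write-Output "Set HKLM $valueName to 0xFF (AutoRun off for all drive types)"
}
```

Run it once without `-Fix` to see the current state, and again after a reboot or sign-out to confirm the change took effect.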
The malware landscape looks like this *right now* (and hasn’t changed that much this year)
Fake AntiVirus and Fake System Utilities
These fake apps are either loaded via hacked websites or trojans that already exist on your PC. They’ll pop up messages saying that your computer is highly infected or that your hard drive is damaged and ready to die. These messages are intended to scare you into buying the fake application.
NOTE: Fake system utilities will hide all the applications and files on your computer making it look like they have been deleted. Your files are simply hidden and not deleted…it’s just a scare tactic.
Rootkits – Rootkits are specialized malware that usually have the following characteristics and abilities:
- they are completely hidden from your conventional antivirus and some specialized removal tools.
- they will redirect your searches on the internet to bad sites.
- they will disable your antivirus.
- they will download other pieces of malware (like fake antivirus).
- sometimes they’ll prevent your computer from booting (like the one I’m working on right now).
- they may patch system drivers (usually just 1-2 random drivers).
- they may infect master boot records.
- they may allow a remote attacker to view, change, upload or delete any file on your PC and execute commands.