Follow:

Microsoft Volume Licensing Blogtwitter

How does malware infect your PC

This page describes the most common ways that malware can get on your PC.

Expand all

Malware authors often use tricks to try to convince you to download malicious files. This can be an email with a file attached that tells you it is a receipt for a delivery, a tax refund, or an invoice for a ticket. It might say you have to open the attachment to get the items delivered to you, or to get money.

If you do open the attachment, you’ll end up installing malware on your PC.

Sometimes a malicious email will be easy to spot – it could have bad spelling and grammar, or come from an email address you’ve never seen before. However, these emails can also look like they come from a legitimate business or someone you know. Some malware can hack email accounts and use them to send malicious spam to any contacts they find.

To prevent your PC from being infected it’s a good idea to consider the following:

  • If you aren’t sure who sent you the email - or something doesn’t look quite right - don’t open it

  • If an email says you have to update your details, don’t click on the link in the email

  • Don’t open an attachment to an email that you weren’t expecting, or that was sent by someone you don’t know.

You can read more about how to avoid these types of threats at the links below:

Many worms spread by infecting removable drives such as USB flash drives or external hard drives. The malware can be automatically installed when you connect the infected drive to your PC. Some worms can also spread by infecting PCs connected to the same network.

There are several things you can do to avoid this type of infection:

Some malware can be installed at the same time as other programs that you download. This includes software from third-party websites or files shared through peer-to-peer networks.

Some programs will also install other applications that we detect as potentially unwanted software. This can include toolbars or programs that show you extra ads as you browse the web. Usually you can opt-out and not install these extra applications by unticking a box during the installation.

We have also found programs used to generate software keys (keygens) often install malware at the same time. Microsoft security software finds malware on more than half of PCs with keygens installed.

You can avoid installing malware or potentially unwanted software this way by:

  • Always downloading software from the official vendor’s website

  • Making sure you read exactly what you are installing – don’t just click OK

Malware can use known software vulnerabilities to infect your PC. A vulnerability is like a hole in your software that can give malware access to your PC.

When you go to a website, it can try to use those vulnerabilities to infect your PC with malware. The website might be malicious or it could be a legitimate website that has been compromised or hacked.

Vulnerabilities are fixed by the company that made the software. They are sent as updates that you need to install to be protected. This is why it’s extremely important to keep all your software up-to-date, and remove software you don’t use.

If your software isn’t up to date you could also get repeated alerts about the same threat.

Some types of malware can download other threats to your PC.

Once these threats are installed on your PC they will continue to download more threats.

The best protection from malware and potentially unwanted software is an up-to-date, real-time security product, such as Windows Defender for Windows 8, or Microsoft Security Essentials for Windows 7 and Windows Vista.