Warning message... Link to action
Read our in-depth analysis of a new high-volume campaign that marked the resurgence of notorious malware-as-a-service Hawkeye Keylogger. Read the blog post
Prevent malware from infecting your PC
Malware authors are always looking for new ways to infect your PC. Follow the simple tips below to stay protected and minimize threats to your data and your accounts.
Enable Windows security features
Windows Defender Antivirus provides comprehensive protection through real-time detection and removal of malware using next-gen antimalware technologies. Windows Defender Antivirus uses the cloud, machine learning, and behavior analysis to rapidly respond to emerging threats.
For effective antimalware protection, enable Windows Defender Antivirus and keep it up-to-date with automatic Microsoft Updates. To enable next-gen protection:
Windows Defender Antivirus is built into Windows 10 and Windows 8.1. If your computer is running Windows 7 or earlier, you can download and use Microsoft Security Essentials (MSE).
For increased protection, Windows Defender Firewall blocks unwanted inbound network connections. It can also control which applications on your computer can initiate outbound connections and can warn of malware suddenly trying to establish a remote connection.
Read the articles below to learn how turn on Windows Defender Firewall:
With Windows 10, you also benefit from Windows Defender Exploit Guard, which protects files in key folders with Controlled folder access. Enterprise users are also provided broad or strategic exploit protection, reduction of attack surfaces with behavior detection rules, and reputation-based filtering of network connections.
Keep software up-to-date
Exploits typically abuse vulnerabilities in popular software such as web browsers, Java, Adobe Flash Player, and Microsoft Office. To protect your PC from exploits, always keep software up-to-date.
To keep Microsoft software up to date, ensure that automatic Microsoft Updates are enabled. Also, by upgrading to the latest version of Windows, you automatically benefit from a host of built-in security enhancements.
Watch out for threats on email or instant messaging
Email and other messaging tools are a few of the most common ways your PC can get infected. Attachments or links on messages can open malware directly or can stealthily trigger a download. Some emails will instruct you to allow macros or other executable content—these instructions are designed to make it easier for malware to infect your computer.
To avoid threats that arrive via email or other messaging tools:
What are suspicious messages?
Here are some characteristics that you can use to spot potentially harmful messages:
Surf the web safely
The web is filled with useful and helpful content that we use every day. While there are billions of helpful pages, the web also contains sites that have been intentionally set up for malicious purpose. Some legitimate sites also get compromised—they are modified by attackers to deliver malware and other malicious content.
By visiting malicious or compromised sites, your PC can get infected with malware automatically or you can get tricked into downloading and installing malware. To avoid malware that are distributed through these websites:
How do I spot suspicious websites?
Check for the following characteristics to identify potentially harmful websites:
To block malicious websites, use a modern web browser like Microsoft Edge, which uses Windows Defender SmartScreen to identify phishing and malware websites. Microsoft Edge also works with Windows Defender Antivirus to check downloads for malware.
For optimal protection while browsing websites, use Windows Defender Application Guard. Application Guard helps to isolate untrusted sites, protecting you while you browse the Internet. If you browse an untrusted site through either Microsoft Edge or Internet Explorer, Application Guard opens the site in a virtualized container that is separate from the host operating system. This container isolation means that if the untrusted site turns out to be malicious, the host PC is protected and the attacker can't get to your data. Application Guard is available on enterprise editions of Windows 10 version 1709 or above.
If you encounter an unsafe site, click More […] > Send feedback on Microsoft Edge. You can also report unsafe sites directly to Microsoft.
Stay away from pirated material
Using pirated content is not only illegal, it can also expose your PC to malware. Sites that offer pirated software and media are also often used to distribute malware. Many illicit media download and streaming sites try to push infected media players and codecs packages. Some of these sites can automatically install malware to visiting computers.
Pirated software is often bundled with malware and other unwanted software, including intrusive browser plugins and adware.
To stay safe, download movies, music, and apps from official publisher websites or stores. Consider running a streamlined OS such as Windows 10 S, which ensures that only vetted apps from the Windows Store are installed.
Don't attach unfamiliar removable drives
Some types of malware can spread by copying themselves to USB flash drives or other removable drives. Also, there are malicious individuals that intentionally prepare and distribute infected drives—leaving these drives in public places to victimize unsuspecting individuals.
Only use removable drives that you are familiar with or that come from a trusted source. If a drive has been used in publicly accessible devices, like computers in a café or a library, make sure you have antimalware running on your computer before you use the drive. Avoid opening unfamiliar files you find on suspect drives, including Office and PDF documents and executable files.
Use a non-administrator account
At the time they are launched, whether inadvertently by a user or automatically, most malware run under the same privileges as the active user. This means that by limiting your own privileges, you can prevent malware from making consequential changes to your computer.
By default, Windows uses User Account Control (UAC) to provide automatic, granular control of privileges—it temporarily restricts privileges and prompts the active user every time an application attempts to make potentially consequential changes to the system. Although UAC helps limit the privileges of admin users, users can simply override this restriction when prompted. As a result, it is quite easy for an admin user to inadvertently allow malware to run.
To help ensure that your everyday activities do not result in malware infection and other potentially catastrophic changes, you can use a non-administrator account for regular use. By using a non-administrator account, you can prevent installation of unauthorized apps and prevent inadvertent changes to system settings. Avoid browsing the web or checking email using an account with administrator privileges.
Whenever necessary, you can log in as an administrator to install apps or make configuration changes that require admin privileges.
Other safety tips
To further ensure that your data is protected from malware as well as other threats, make sure you:
What to do if you have a malware infection
Windows Defender Antivirus helps reduce the chances of infection and will automatically remove threats that it detects.
In case threat removal is unsuccessful, read about troubleshooting malware detection and removal problems.