Help prevent malware infection on your PC
Malware authors are always looking for new ways to infect your PC. Following the simple tips below can help you stay protected.
You can also visit the Microsoft virus and malware community for more help.
Up-to-date security software is the best way to help protect your PC from malware.
Microsoft provides security software that is regularly updated to protect against the latest threats. Our software includes:
Whatever security software you choose, make sure you update it regularly. We recommend you update your security software at least every day.
New malware is written every day. Many of these threats target vulnerabilities in your PC software. Software companies regularly release updates that fix these vulnerabilities.
To help stay protected you should regularly update all your software. This includes programs like Java, Adobe and QuickTime. Go to our software updates page for more information.
You can easily keep all of your Microsoft software up-to-date by turning on Windows automatic updates . Your computer will automatically download Microsoft security updates when your computer is online.
Malware authors use several common tricks to install their malicious software on your PC. Understanding the most common ways they do this can help you stay protected.
- Email – Malware often arrives on your PC in an email attachment. You should never open an attachment from someone you don’t know or if an email looks suspicious. Instant messages and requests for file transfers can also spread malware.
- Websites – Never open links to webpages that you don’t recognize or that are sent from people you don’t know. Malicious websites can install malware on your PC when you visit them.
- Use caution – If you view a website that doesn’t look quite right, or unexpected things happen when you visit, close your browser, download the latest updates for your security software and run a quick scan on your PC.
- Pirated software – Malware is often bundled together with pirated software. When you install the pirated software you may also install malware. You can find more information on the Protect your PC from pirated software page.
- Social engineering – Malware authors often try and trick you into doing what they want. This can be clicking or opening a file because it looks legitimate, paying money to unlock your PC or visiting a malicious webpage. These deceptive appeals are known as social engineering.
- Passwords – Attackers may try to guess your Windows account or other passwords. This is why you should always use a password that can’t be guessed easily. A strong password has at least eight characters and includes letters, numbers, and symbols. There is more information on the Create strong passwords page.
- USB flash drives and other removable drives – Some types of malware, such as worms, can spread by copying themselves to any USB flash drives or other removable drives that are connected to your computer. Always be careful when sharing removable drives, and make sure you scan them. We have instructions on how to scan USB flash drives on our help page.
A firewall is a set of rules that chooses which information can access your PC. It can help prevent malware infections by stopping suspicious programs from getting onto your PC, or accessing the internet once installed.
You can find out how to turn on your firewall at the links below:
Many malware threats need full access to your PC to run properly. Windows 10, Windows 8.1, Windows 7, and Windows Vista use User Account Control to limit what a program can do without your permission.
This means you will be notified if any software or application tries to make any changes to your system. It can also help stop malware and unwanted software from installing themselves or changing the way your PC works.
There is more information about User Account Control at the following links:
Exercise caution when dealing with email, IM conversations, and web messages received from unknown sources, or received unexpectedly from known sources. Use extreme caution when accepting file transfers from known or unknown sources.
Exercise caution with links to webpages that you receive from unknown sources, especially if the links are to a webpage that you are not familiar with. Malicious software may be installed in your computer simply by visiting a webpage with harmful content.
Threats may also be bundled with software and files that are available for download on various torrent sites. Downloading "cracked" or "pirated" software from these sites carries not only the risk of being infected with malware, but is also illegal.
While attackers may attempt to exploit vulnerabilities in hardware or software to compromise a computer, they also attempt to exploit vulnerabilities in human behavior to do the same. When an attacker attempts to take advantage of human behavior to persuade the affected user to perform an action of the attacker's choice, it is known as 'social engineering'. Essentially, social engineering is an attack against the human interface of the targeted computer.
Attackers may try to gain access to your Windows account by guessing your password. It is therefore important that you use a strong password – one that cannot be easily guessed by an attacker. A strong password is one that has at least eight characters and combines letters, numbers, and symbols.