By Dan Gookin

Malware is an ancient software category. Programs that do bad things are as old as programming itself. Some nerd, back in the 1960s, upon being terminated, probably wrote a program that ejected every sheet of paper from the teletype machine. As time passed, the programs grew more malevolent and, thanks to the Internet, more pervasive.

The first, best thing you can do to protect yourself from malware is to learn more about your computer. Honestly, you can’t tell when something is wrong when you’re unable to determine exactly what “right” is.

The second thing you can do is to not be a fool. Malware succeeds by preying on human weakness. Computers become infected these days because people drop their guard and do something stupid. It happens to everyone, thanks to a psychological concept called social engineering.

Social engineering is the art of making people do things that they otherwise wouldn’t. For example, you’re fooled into opening an email attachment because the message claims that it contains a payment due to you, a receipt for an item ordered, or a compromising picture of a celebrity. Despite the warnings, you open the attachment. Your computer is infected. The Bad Guys win.

The final thing you can do to protect yourself from the malware tsunami is to use software tools to ensure that your computer hasn’t been compromised, and to repair any damage done. These tools include an antivirus program, antispyware, and a firewall. The good news is that Windows comes with all these tools.

Obtaining malware (accidentally)

You probably don’t set out to find malware. It happens. Sometimes you’re aware of it right after it happens, but mostly you have no idea. Still, malware has only a limited select of infection vectors:

  • Download from a web page: Even if your web browser watches for suspicious sites, you can still click a link to download malware. More frequently, malware piggybacks as an “extra” for legitimate software you obtain. Always read everything before you click the Download button.
  • An email attachment: Malware arriving as an email attachment is the same bad stuff that comes from a web page. The difference is primarily in social engineering: The malware is most likely disguised as a message from a friend or has another tempting aspect that entices you to open it.
  • Infected media: Back when floppy disks were popular, most malware arrived on infected media. This threat is far lower today because the Internet is the most common infection vector.

The key to avoiding infection is to pay attention. Even if you run antivirus software, some people diligently disable it just so that they can open that email attachment claiming they inherited $10,000,000 from the former prime minister of Wambooli.

Surviving the malware scourge

You have three tools to keep your PC safe from the Bad Guys. The first tool is your own brain. The other two tools come with Windows: Windows Defender and Windows Firewall.

You can view the status of both tools, as well as other antimalware protection methods, by summoning the Security and Maintenance window, which is part of the Control Panel. Heed these steps:

  1. Press Win+X to pop up the supersecret menu.
  2. Choose Control Panel.
  3. Below the System and Security heading, click the link Review Your Computer’s Status.
    You see the Security and Maintenance window, delightfully illustrated here.
PCs-security
The Security and Maintenance window.

The Security and Maintenance window gives you an overall view of your PC’s security status. The two main screens are Security and Maintenance. Use the chevrons to hide or show each section.

You see that the PC is secure: The firewall and Windows Defender are active, as are other security items. If any item isn’t active, it’s flagged in red. The Maintenance category shows a yellow flag, indicating that a device driver needs installation.

When you see red flags in the Security and Maintenance window, follow the suggestions presented to remove the flag. Usually, this involves activating a security feature.