Computer security is generally not something that can be understood in an afternoon's reading - with today's software the threat vectors are large and plentiful - the average Windows computer has so many interconnecting pieces of software that using some sort of anti-virus is no longer (and honestly, never was) a single piece solution to keeping your computer clean. Computer security isn't something you can buy - it's knowledge you can arm yourself with.
Keep software up to date.
This is perhaps the most important action you can take. If you do nothing else, do this. A good way to think about software is that it deteriorates naturally over time. What was once considered safe, top-of-the-line, secured software five years ago is most likely no longer considered secure today. Unfortunately software has become so complex that it can never really be guaranteed to not have any vulnerabilities.
Taking steps such as installing Windows security updates may seem obvious, but a surprising number of people take steps to avoid this as it can be a minor inconvenience.
Enable (or rather, don't disable) UAC
User Account Control (UAC) is a critical security control in Windows that has vast impacts you can't see. It is not computer bubblewrap. It exists for very important reasons - it may be annoying with occasional pop-ups when running applications, but it's best to leave it on. With it off, malware is able to instantly elevate to administrator level permissions - something you don't want.
Web Browser Configuration
If you're like most people, you spend most of your time using a web browser. Our recommendation here is Google Chrome - for a variety of reasons. Due to its strong sandbox technology that prevents malware from escaping and its very fast automatic updating to fix problems, as far as security goes Chrome serves you best in comparison to Firefox or Edge. Assuming you're running a 64 bit machine (if you're computer isn't several years old, it probably is) then you'll want to.
That being said,. web browsers alone don't come with everything you need to keep a high level of confidence. This is where some trusty browser extensions come into play.
There's also a few extra tweaks you should do if you can - for most people, they'll have no effect.
- Disable flash (or set it to click to play)
- Uninstall Java (if you don't have any software that requires it - otherwise, just keep it up to date)
Use Some Common Sense
For a long list of technical reasons the average person doesn't need to know about, here's a few extra tips of things to do and not do.
- Don't use any sort of 'registry cleaner'. The windows registry is a lot more complicated than they can make it seem, and using a registry cleaner to try to fix or prevent problems is very much like trying to pop balloons by throwing pebbles.
- Don't download or agree to run software that isn't something that you were specifically looking for. Just because an anti-virus software says an executable is 'clean', doesn't mean that no harm can come from it.
- When you do install software, make sure you read every option it gives you. Adware is often bundled with free software and you have to uncheck it during installation. If given an option to perform a 'custom' installation, it's usually the best option to take if you want to know exactly what you're installing.