Skip to content

Extra Steps

There are some extra steps you can take to harden your Windows device against attackers. This is not an all inclusive list, rather it is some of the more effective steps you can take.

Show File Extensions

First, open up a Windows Explorer window. Click the three dots then select options. Go to the view tab and unselect “hide extensions for known file types.” This is a lot more important than it seems. I have no idea why MS decides to keep this option around, other than maybe they do it because they think Explorer looks cleaner.

This has been a popular way to get computers infected for a long time. An unsuspecting user will download a file that they think is something like a PDF and it will even have a PDF icon. It is actually an .exe file with a malicious payload that installs malware as soon as a person clicks on it. Having the extensions shown is important because if you download something that you believe is a word doc but has an exe extension or just a different extension than it should be, it’s almost a guarantee that it’s malware.

Keep Your Computer Clean

You should periodically check your list of installed apps to see what you have and also what might be running at startup. The more stuff you have on your device, the wider your attack surface becomes. Having things like out of date apps, crapware, etc, gives attackers more ability to infect your computer. You may also find some stuff gets installed that you didn’t even know about. Maybe you clicked through and installed without seeing what options were selected and you ended up with some adware search bars or extra apps running in the background.

Use A Standard Account

Most users are using an account that has admin permissions. This allows a lot of malware to just be able to elevate permissions on its own without the user having to do anything. On a standard account, some malware won’t be able to function or won’t be able to deliver a full payload. It’s also good practice to make sure anyone else using your computer only gets a standard account. I see a lot of Reddit posts of people talking about how they let a friend or family member use a device and notice that person infected it or screwed something up.