Windows has design issues…I have talked about it many many times.  However it IS possible to have a malware free system.  It’s really not that hard.  You do need to change your behavior on how you operate your windows systems.

1.  Have a security audit done if you’ve never had one done.

2.  Do not use IE or Edge.  IE’s issues are well documented.  Edge is suffering from basic coding mistakes that come with a new product.  it is under active development but I would hold off for now.

3.  Run Firefox or Google Chrome.

4.  Don’t goto porn, warez, gambling..etc etc type sites.  If it’s a red-light district on land it’s the same in cyber-land.  If you go to these places in cyber-land none of the above or below matter..you’ll be infected either immediately or very quickly.  NO anti-anything will save you either.

5.  ETC recommends Emsisoft or Bitdefender.  If you are unable to afford these Windows Defender(Windows 10 only) will suffice.

6.  Never click a link in an e-mail until you check it.  This can be a tricky subject.  Hover your mouse(Don’t click any links) over the links and see if the address presented in the bottom bar matches the text of  the link.  If it doesn’t it’s a fake.  Contact ETC for full details.

7.  .zip and other files should be blocked at the edge.  They are no longer safe to be sent via e-mail.

8.  Remove admin rights from users.  Self-explanatory.

9.  Disable autorun.  This nukes most infections from USB keys(flash drives, thumb drives..etc etc etc.  Works great in conjunction with #8 and #7)

10.  Ensure all systems are up to date with all security updates and configurations.  Not just Windows and Office but every third party program on your systems.  (This includes Acrobat, Flash, Java).

11. Install an ad blocker somewhere on your network.  Preferably at the edge.  For browser ad blocking use Ublock Origin.

12. Remove Quicktime from your computer.  It has major security problems and Apple has abandoned it.

13. Remove Adobe Shockwave.  It is old and easily compromised.