Threat #3: Malware
Every day, virus, spyware, and adware creators come up with new, ingenious ways to gain access to your PC. These steps will help keep you safe:
Think before you click: Attached files that end with .exe, .com, .bat, and .scr, as well as scriptable document files, including .doc and .xls, can infect your PC with a single click. Many e-mail programs block access to executable-file attachments.
Use a spam filter: Though some malware makes its way onto your computer via drive-by browser hijacking (see "Threat #1"), e-mail is its other main source. Install a junk-mail filter to reduce your chances of activating malicious scripts embedded in messages.
Update your antivirus software: Allowing your antivirus software to continue running after its subscription has expired is actually worse than using no antivirus software at all: Not only do you lack the crucial virus signature database updates, but you expose your system to malware that targets known flaws in antivirus software. My personal favorite free antivirus app is Grisoft's AVG Anti-Virus Free. Go to our Top Antivirus Software chart for our antivirus-software recommendations.
Get a second opinion: Install and use only one antivirus program at a time on your computer because multiple real-time scanners will conflict with one another. If you have doubts about your program's effectiveness, however, use a free online virus scanner, such as Panda Software's ActiveScan; see Figure 3
Download with discretion: Any program you download and run on your system could potentially result in a lethal infection or zombification. Download software only from reputable online sources (such as PCWorld.com's Downloads section) that first scan all of their download files for any malware.
Use a bidirectional firewall: Windows XP and Vista each come with a firewall that blocks incoming attacks; it's enabled by default in Windows XP Service Pack 2 and later. For the best protection, you'll also want to block unwanted outgoing connections made by malware on your PC that attempts to either connect to a remote server or send out spam. Vista's firewall can be set up to do that, but configuring it is not a job for the average Windows user. Instead, get one of several free bidirectional firewall programs, such as Zone Labs' ZoneAlarm Free, or Agnitum's Outpost Firewall Free. Most commercial security software suites also include a firewall program.
Use antispyware: Spyware, adware, and some browser cookies slow down your system, cause crashes, and track your online activity. Antispyware utilities work much like antivirus software, detecting and removing the unwanted software from your PC. We picked Webroot's Spy Sweeper 5 ($30 per year) as our favorite in our "Spyware Fighters" antispyware roundup.
Upgrade from XP: Service Pack 2 makes Windows XP much safer, but the operating system still has security holes, and it remains a top target for malware authors. Windows Vista's new user access controls ask your permission before launching new programs, which reduces the chances that malware can leap from the Web to your PC automatically, though some Vista bugs have already been found. Both the Mac OS and Linux offer even stronger safeguards against program launching, and they are rarely the targets of malware attacks, which makes it very unlikely that Web-hosted attacks--or any other kind--will afflict computers running those operating systems.