by ilago
This is a layered approach to protecting your computer.
There are links to reputable free software here Favourite Software or on this page.
Consider using a safer browser than Internet Explorer
Mozilla, Firefox and Thunderbird downloads http://www.mozilla.org/products/firefox/
Firefox has a huge range of extensions available. Most recommended are AdBlock Plus and NoScript, although NoScript needs management to use while you train it. All extensions should be downloaded from Mozilla Firefox Add-ons as the extensions and add-ons are checked and most are kept updated.
There is a thread on Techtalk with many other Firefox extensions listed for special functions
Opera is an excellent browser with many features built-in and some very useful functions. Opera - http://www.opera.com Some users resist Opera because it doesn't have Firefox's extensions for blocking ads. You can block elements on web pages from Opera but there is a way to get Opera to block ads using the urlfilter.ini file. Explained here
There are a number of add-ons for Internet Explorer that give it more flexibility but most still have the same disadvantages of Internet Explorer. If you prefer Internet Explorer and don't feel confident about trying a different browser then you could try one of these.
Avant Browser http://www.avantbrowser.com/
Maxthon (the old MyIE2) http://www.maxthon.com/
Crazy Browser http://www.crazybrowser.com/
Learn to setup Internet Explorer for secure internet use here:
Internet Explorer Safe Settings
http://www.microsoft.com/security/incident/settings.mspx
Passive Protection
Install Spywareblaster from Javacool Software. SpywareBlaster will block bad ActiveX and malevolent cookies.
http://www.javacoolsoftware.com/spywareblaster.html
Use a hosts file lock. Spybot Search and Destroy has one to prevent changes to the hosts file.
The best hosts file to use on Windows is the mvps hosts file. It is routinely updated so you'll need to download and install a new version every couple of months
mvps hosts
Hosts files restrict access to some nasty links and websites by redirecting the URL to the localhost so the address can't be resolved. It is made read-only which gives some additional protection. It is regularly updated by the site and nasty sites are added all the time. Even if it's never updated, it still provides another layer of protection. A lot of ads will disappear from pages as a bonus. A warning though, if you are on a large network, a large hosts file like the mvps hosts file can cause slowdowns in network activities and in browsing.
Intrusion Detection Software
This software monitors for attempts to install software, change existing software or interfere with a process. It will always need to be disabled when removing software or installing new software.
Winpatrol is the earliest and the best of the process and activity monitors. It's free, but the paid version includes some additional features. It would be the first recommendation.
WinPatrol monitors your system for changes and notifies you when a program attempts to change something or install something. Once you have set it up for all your usual activity it is not too bad.
http://www.winpatrol.com/
Prevx is probably less known but is one of the earliest IDS programs. It needs some work to configure well. The Home version of Prevx is no longer free
http://www.prevx.com/prevxhome.asp
BOClean is no longer available. The functions of BOClean have been incorporated into the Comodo Security Suite of products
Comodo
Microsoft Antispyware, Spybot Search and Destroy Tea-timer also monitor your system, but not as effectively as the freeware available.
Although you should always use more than one antispyware program for scanning. Don't use more than ONE firewall, antivirus or system monitor program. They will have conflicts and may not work at all - you may not know either.
Don't forget to update manually where it's not automatic
Using Limited User Account
All versions of Windows up until Vista was released operated with all users as system administrators, unless someone was able to set up Limited User Accounts. It has been difficult to do that as some third party applications will only run in an Administrator profile.
It is much safer to use the internet as a limited user. It doesn't completely stop malware installing but can slow down the damage malware can do significantly in some cases. Microsoft has made Windows SteadyState available as a free download for Windows XP users as long as they are using an authentic version of Windows. Read more about it here. It gives the administrator user a way of making the computer suitable for different levels of user.
http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx
Lastly - Commonsense