Anti-Virus 101 - The 7 Rules
People ask me from time to time about computer viruses, usually after they get infected or someone they know gets infected. If you're reading this, you may even suspect this article is about you, but I get this a lot so I figure I should put this out there in plain terms. First, I will cast my net a bit wider and collectively refer to viruses, trojans, adware, malware, and worms as simply "threats". From an information security perspective, and to keep things simple, I will not delve into the nitty gritty differences between the individual threats, and we will proceed assuming that no threat is tolerable and they should all be stopped.
Most of the time, people are very concerned with the hows and whats of a threat and how to protect against it, but it is very important to understand why threats exist. Often people see TV shows or movies that feature threats and think that someone they know is out to find all the embarrassing pictures they keep in My Documents and post them online. That might be something you have to worry about with Geek Squad, but usually not with threats, and the reason is that there is no money in it. Here is a picture to illustrate the concept:

Writing and distributing a properly-functioning threat is risky, difficult and time-consuming, and like any other kind of hard work a person expects a decent payoff for his efforts. As such, most threats are after money - yours or someone else's. To get yours, a threat has to either trick you into giving your money away, find existing banking passwords or credit card numbers you may have saved in a file, or sit quietly and wait for you to type your passwords to banking accounts, merchant accounts, PayPal et cetera. You may be asking yourself at this point how a threat on your computer could be after someone else's money. You may also have wondered at some point how spammers manage to send out millions of marketing e-mails a day without their internet providers batting an eyelash. The answer to both questions is the same - spammers either create or rent out botnets, which are groups of thousands of regular computers that have been silently taken control of by a threat. The computers go on to act as an assembly line of sorts to send out spam, flood targeted websites with requests to take them down, or any number of other Bad Guy things, while otherwise the computers behave entirely normally and their owners are none the wiser. In fact, it was estimated in 2007 that up to 25% of all personal computers are members of a botnet. I personally think that number is a bit high even by 2010 standards, but the point is that it's a serious consideration.
Now that you understand a bit more clearly why someone would be interested in infecting your computer with a threat, I will discuss the first line of defense - you, the user. Programs that prevent and defeat threats are helpful, and keeping them updated helps prevent against recent threats, but the best defense system in your possession is the one between your ears. Without it, your index finger will betray you.
Rule #1: Do not abuse Administrative permissions
About 90% of you are breaking this rule right now. UNIX, Linux, and Mac OSX (to a lesser extent) mercilessly enforce this rule. Windows doesn't force this on you; Windows Vista and 7, like Mac OSX, half-heartedly attempt it with a feature called User Account Control, but this is something you need to put effort into yourself. When you use a user account with admin rights, any program you run (including threats) has full access to do whatever it wants to your computer, whether or not you meant to open it in the first place. Here is what you need to do:
a. Click the Start Button, then click Control Panel (in XP, Settings -> Control Panel).
b. Open the User Accounts control panel.
c. Click Manage Another Account (in XP, skip this step).
d. Click Create a new account.
e. Type a name you would like for your new administrative account. It is safest to leave admin out of the name (in XP, click Next when done).
f. Click the Administrator radio button.
g. Click Create Account.
h. Click the new account you just created.
i. Click Create a password.
j. Create a strong password for your admin account (in XP, click Change another account after doing this).
k. Click on your own user account.
l. Click Change the account type.
m. Click the Standard user (in XP, Limited user) radio button and click Change Account Type.
n. Restart your PC.
Whenever you want to install a program (which shouldn't happen that often), log off your normal user and log in as your administrator account. Once in a while this will be inconvenient, but not nearly as inconvenient as having to back up all of your data, reformat your PC, and start everything from scratch because you were careless.
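The same account changes as steps a-n, done from the command line. This is an added example, not part of the original article; it assumes the LocalAccounts cmdlets (Windows 10 / Server 2016 or later; on XP, Vista and 7 use "net user" and "net localgroup" instead), local rather than Microsoft accounts, and the account name "maintenance" is an assumed placeholder.

```powershell
# Added example (not from the article): the account changes from steps a-n in PowerShell.
# Assumes the LocalAccounts cmdlets (Windows 10 / Server 2016 or later; on XP, Vista
# and 7 use "net user" and "net localgroup" instead) and local accounts.
# Run from an elevated PowerShell session while logged in as the everyday account.
$AdminName = 'maintenance'        # assumed name; keep "admin" out of it, as the article advises
$Everyday  = $env:USERNAME         # the account you use day to day

# Create the new administrative account with a strong password (steps d-j).
$pw = Read-Host -AsSecureString "Password for the new $AdminName account"
New-LocalUser -Name $AdminName -Password $pw -PasswordNeverExpires `
              -Description 'Administrator account: use only to install or update software'
Add-LocalGroupMember -Group 'Administrators' -Member $AdminName

# Only demote the everyday account once the new admin really is in Administrators,
# otherwise you could lock yourself out of every administrative function.
$admins = @(Get-LocalGroupMember -Group 'Administrators' | ForEach-Object { $_.Name })
if ($admins -notcontains "$env:COMPUTERNAME\$AdminName") {
    throw "$AdminName is not in Administrators; not demoting $Everyday"
}

# Make the everyday account a Standard user (steps k-m).
if (-not (Get-LocalGroupMember -Group 'Users' -Member $Everyday -ErrorAction SilentlyContinue)) {
    Add-LocalGroupMember -Group 'Users' -Member $Everyday
}
Remove-LocalGroupMember -Group 'Administrators' -Member $Everyday

# Check: the everyday account must no longer be an administrator.
$admins = @(Get-LocalGroupMember -Group 'Administrators' | ForEach-Object { $_.Name })
if ($admins -contains "$env:COMPUTERNAME\$Everyday") {
    Write-Warning "$Everyday is still an administrator"
} else {
    Write-Host "$Everyday is now a Standard user; restart (step n) for the change to take effect"
}
```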
Rule #2: Do not let your software get outdated
Vulnerabilities are often found in popular software such as Windows, Internet Explorer, Microsoft Office, and Adobe Acrobat. Most programs also have automatic update features. These features are annoying and you may be tempted to disable them. Make sure you go and check every application you install for an automatic update feature, and turn it on.
Rule #3: Do not browse irresponsibly
It is possible, though unlikely if you are keeping your browsers up-to-date, that a site will exploit a weakness in your web browser in order to install something without your consent. Following rule #1 will prevent you from installing something you can't get rid of. Following rule #2 will reduce the possibility of your browser being exploited in the first place. However, you should take care where you browse and how you do it. The seedier places on the web frequently house the most effective and well-written threats, and take advantage of your impatience and your need to find free whatever-it-is-you're-looking-for to infect you (fake video codecs or programs are one such trick). If you are going to browse to unfamiliar or possibly dangerous websites, use an application to create a sandbox for your web browser. Sandboxie in particular makes this very easy to do. Anything you run inside the sandbox cannot affect anything outside the sandbox. This can also be used to test new programs or websites you don't trust.
Rule #4: Do not fail to recognize fake windows
When web browsing, you will often see advertisements that are either designed to look like windows from Windows, or a JavaScript error prompt that pretends to be a warning from Windows that you've contracted X, Y, and Z problems and you absolutely have to download SUPER WIN DEFENDER or some such nonsense to resolve the situation, which will subsequently infect you and extort you for money to "update" or "activate" the program. Very often these alerts will use alarming language and scare tactics to try to get you to install something without thinking it through. Perform a visual "sanity check" on the message, looking for grammatical and spelling errors or the names of software not made by Microsoft. Check the coloring, border and buttons on the window to see if they are consistent with your other open windows, and look for the telltale sign of two X buttons near one another. Full-fledged windows (with task panels, drives and features) do not simply pop up in Windows. When in doubt, press the ESC key to cancel out of alert windows, and if that does not close them then hold ALT on your keyboard and press F4 to close any windows without clicking on the "X" (which could actually just be part of the picture intended to trick you). With ALT+F4, there are no mistakes in closing windows.
Rule #5: Do not open e-mail attachments
If you've heard any advice about threats, it has probably been this rule. Do not download attachments from e-mail. If someone you know personally sends you an attachment, evaluate it this way:
- Did I ask for this person to send me an attachment?
- Does the body of the e-mail mention the attachment at all?
- Does this e-mail look like it was written by the person who sent it?
If the answer to all of the questions is Yes, then chances are it's safe. If the answer to ANY of the questions is no, it would be safest to ask the person through a different means (phone call, instant messaging, but not e-mail) if they really sent it. If you do not know the person who sent the e-mail, do not open the attachment. Easy!
Rule #6: Protect yourself
Once you have rules 1-5 down, then you can start worrying about protective software. Install a very limited set of applications to protect yourself, for the sake of simplicity and keeping your computer running fast. You should only ever have one anti-virus program installed, as multiple anti-virus programs will conflict with one another. I recommend Symantec business products such as Symantec Endpoint Protection, but I would shy away from their Norton-branded applications due to their excessive resource consumption (slow ya down). I also recommend only having one firewall application, as multiple firewalls are unnecessary and make it confusing to figure out which one is blocking something you don't want blocked. Windows Firewall is free, perfectly capable and well-supported, so if you aren't using Symantec Endpoint Protection I would recommend it. If you have followed the previous rules, additional protection should not be needed, but if you're paranoid then I would recommend using Malwarebytes' Anti-Malware to check yourself out once in a while, and if you suspect you might have something nasty you will want to use HijackThis to prepare a log of what you did to yourself and visit the help forums at BleepingComputer. If it were me, though, I'd reformat and start from scratch unless it was something very minor. These things have a way of coming back after they've been "removed".
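A check for the "one anti-virus, one firewall, firewall turned on" advice above. This is an added example, not from the article; it assumes Windows 8 or later (for Get-NetFirewallProfile) on a client edition, where the root/SecurityCenter2 WMI namespace exists, and the function name Test-ProtectionSetup is my own.

```powershell
# Added example (not from the article): check Rule 6's "one anti-virus, one firewall,
# firewall on" advice. Assumes Windows 8 or later (Get-NetFirewallProfile) on a client
# edition of Windows, where the root/SecurityCenter2 WMI namespace exists.
function Test-ProtectionSetup {
    $problems = @()

    # Security products that registered themselves with Windows Security Center.
    $avNames = @(Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName 'AntiVirusProduct' |
                 ForEach-Object { $_.displayName })
    $fwNames = @(Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName 'FirewallProduct' |
                 ForEach-Object { $_.displayName })

    if ($avNames.Count -eq 0) {
        $problems += 'No anti-virus product is registered'
    } elseif ($avNames.Count -gt 1) {
        # Windows Defender can stay listed (disabled) next to a third-party product,
        # so this is a prompt to check, not proof of a conflict.
        $problems += "More than one anti-virus product is registered: $($avNames -join ', ')"
    }

    if ($fwNames.Count -gt 1) {
        $problems += "More than one third-party firewall is registered: $($fwNames -join ', ')"
    }

    # Windows Firewall itself is usually not listed as a FirewallProduct, so when no
    # third-party firewall is installed, check it directly: it must be on for every profile.
    if ($fwNames.Count -eq 0) {
        foreach ($profile in Get-NetFirewallProfile) {
            if (-not $profile.Enabled) {
                $problems += "Windows Firewall is off for the $($profile.Name) profile"
            }
        }
    }

    if ($problems.Count -eq 0) { 'OK: one anti-virus, one firewall, firewall enabled' }
    else { $problems }
}

Test-ProtectionSetup
```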
Rule #7: Re-educate yourself
Computers and the Internet change very fast. So, too, do threats and countermeasures. It is a good idea to subscribe to a security blog, follow @symantec on Twitter, or once in a while look for articles on new trends in threats. Keeping up to date on how and why people are exploiting weaknesses in systems will prevent you from having to deal with the consequences, whether they be minor inconvenience or identity theft.
And who knows, you might just save the world.
Last Updated (Sunday, 17 January 2010 22:55)