*The following advice is based on my experience over the years servicing thousands of computers, instructing users, and researching common-sense approaches to security for the average users.
If your computer gets infected by a virus or spyware or malware, it is because you have asked for it. Period.
You may not have intentionally asked for it, but at some point you asked for it. That means that you didn’t follow common sense, are using an unsafe browser (such as IE), opened an untrusted attachment, or put an untrusted PC on your network. In other words – you asked for it.
Normally, your pc will get infected simply because you have your security settings too low. In the case of Windows and Internet Explorer, even after SP2, low security settings are the default. Microsoft tries to empower the user, but their method of doing so exposes the user to multiple vulnerabilities.
First and foremost, quit using Internet Explorer to surf the Internet. Use an alternate browser such as Firefox, Opera, or anything but IE. It is full of exploits and is arguably the main reason that Windows is exploited.
Second, follow some common sense rules for security. Everyday user security does not have to be complicated, but you need to follow some general guidelines. It is a layered approach. There is not 1 single product or piece of software that will protect you from all the threats. As a matter fact, most of the more popular security applications (Norton, McAfee, Trend Micro) have a tendency to lull you into a false sense of security.
The analogy that I like to use is this: Current anti-virus programs are like an alarm system on your house. They tell you (hopefully) when the burglar is already there.
Plus, I’m definitely no fan of Norton or McAfee or even TrendMicro. Countless times, I’ve run across pc’s that were horribly infected even though Norton was installed and up-to-date. If these programs worked as well as they are touted, then people like me would not have a business model.
The point is this: Use common sense and a layered approach.