Pretty good advice, but the other thing is that you can't get free software to work reliably without multiple layers.
I have XP on my machine.
- Router has hardware based firewall enabled.
- Zone Alarm for outgoing firewall/app control.
- Adblock/Peer Guardian/etc
- Two virus scanners. Two malware scanners.
This all is free and it still only works ~80% of the time.
- Spyhunter (paid for this)
- One other professional app I paid for (no, not Norton or anything typical consumer junk)
The fact is that you need a professional AV and anti-malware/registry locker. The free ones are just not up to the task or updated days or weeks later than they need to be.
- Complete removal of the following from the OS down to the registry/core level:
1: Internet Explorer - my machine throws up "what application should I open this with?"
2: Remote Desktop/Remote Access
3: File Sharing (also remove the relevant parts from the TCP/IP connection)
Plus blocking of FTP and other remote protocols in and out of the machine. If I absolutely have to use it, I'll enable it for those few minutes.
It takes all of that to lock down XP. And that's only if I don't get online and hit a bad site on the web or something that I purposely get caught in.(note - torrent, password cracking, and Online Gaming gold/money sites are nearly 100% infected - avoid like the plague) Secondary are social networking sites and online gaming forums and the like.
Yes, this means you really should be using the net for work and a few specific applications you know are secure. Pretty much common sense. No AV in the world will help you if you start going to astalavista or other crack sites and start clicking links to various sites.
So... What to do?
Upgrading to Windows 7 or ditching it all and getting Apple/BSD or Linux makes a lot of sense if for no other reason than it's so new that the botnets haven't have time to adjust and are still going mostly after the biggest installed target group of users. They're not much more secure but they are a lot less likely to be targeted, which is something I guess...
It stinks but XP is going to be no longer supported at all in a couple of years, tops, and then the entire industry will abandon it and stop keeping the AV and firewall software as up to date. So changing now to something else is probably the best course of action if this really bothers you.
(myself I don't keep anything I can't replace on this machine so I don't care...)