OK, I did my homework, so is this all I'm gonna need (in addition to safe surfing practices)?
OS:..................................................Windows XP Pro (version 5.1) SP3
anti-virus:.........................................Avast Free 5.0.418
firewall:.............................................PC Tools Firewall Plus Free 6.0.0.74
anti-malware blocker:..........................SpywareBlaster 4.2
anti-malware scanner / removers:..........Malwarebytes' Anti-Malware 1.44 freeware
.......................................................SUPERAntiSpyware freeware 4.33.1000
clean-up utility:..................................Glary Utilities 2.20.0.831
browser:............................................Internet Explorer 8
Assuming IE8 is like IE7, here are the security settings I'll use:
* Zone: Trusted sites
...* Security level for this zone: Medium-high
* Zone: Internet
...* Security level for this zone: High <-- Medium-high to download^
….* Custom Level:
…….* ActiveX controls and plug-ins:
……....* Download signed ActiveX controls……………………………………………………Prompt
…..…..* Download unsigned ActiveX controls………………………………………….……Disable
……....* Initialize and script ActiveX controls not marked as safe for scripting…..Disable
…..…..* Run ActiveX controls and plug-ins…………………………………………....……………Enable
…..…..* Script ActiveX controls marked safe for scripting………………………….……….Enable
…….* Miscellaneous:
……....* Installation of desktop items……………………………………………………………….….Prompt
…..…..* Launching programs and files in an IFRAME…………………………….………………Prompt
…..…..* Navigate sub-frames across different domains……………………………....…….Prompt
^ For some reason, IE7 requires me to do this even at a Trusted Site and even with:
1. "require server verification..." unselected, and
2. Security level for Trusted sites zone set at Medium-high.
And if my NetGear WGR614v6 wireless router is capable of it, I'll put its firewall into "stealth" mode (to drop incoming packets rather than denying them, which supposedly makes you invisible to some attackers).
And should I go to OpenDNS.org for a free secure DNS source?
And does anybody know if enabling Java in the browser constitutes a vulnerability to malware? How about Javascript?