Every Windows® PC should have an anti-virus, firewall and an intrusion detection tool. The only thing that anti-virus and firewall will protect you is the traditional and well known viruses and threats hence keeping you safe from various exploits and attacks.

When it comes to choosing an anti-virus, there are a couple of things that one should look out for:-

• It should have a high detection rate – it should easily be able to detect the most common viruses and neutralize them, if that is not possible; quarantine or delete the virus.

• It should have a high configuration ability – this is important to the user since it involves factors that affect the performance of the AV. Things like ease of updating, some anti-viruses like McAfee provide user defined capability where if the user knows the virus name, he/she can be able do define it and the anti-virus will clean it.

• It should be able to scan and detect packed files – this includes the alternate data streams (ADS) that may harbor viruses. Some of anti-viruses do not successfully do this.

Let me mention that various anti-viruses have different runtime performance which depends on the scan level and detection rate as far as packed objects are concerned. Some these anti-viruses tools can scan iexpress, cab or sfx files and some cannot. Simple malwares are often made by creating self-extracting executables using commonly available packers such as cab, rar etc. Hence, if your antivirus has an option to scan archives, it is highly recommended that you enable this function. This drastically improves the detection rate at the cost of system performance.

Some of the recommended antiviruses include: Avira which is a good freeware. Another alternative is NOD₃₂ which is also a very dependable shareware solution. Both of however fail to successfully detect packed malware threats.

When it comes to firewalls, they should be able to protect your PC from known attacks and intrusions. The same quality applies as the one for the antiviruses in that is should be highly configurable too. Essentially, a good firewall should be able to list the exact ports and IP addresses through which communication is legal. Users mostly tend to allow their applications to access internet each and every address; however this can cause big problems when application vulnerability is known and exploited. Hence, firewall rules should be configured properly on a per application basis. It is therefore paramount that you do not allow your firewall to make decision for you. Example – when updating your application, a good firewall should prompt you. This detection helps you to spot root kits of popular versions of the application, to which you have allowed internet access. When your firewall tool issues such an alert, you should look out for things such as digital signatures of the application to ensure that it comes from a legitimate source.

Some of recommended firewall solutions that implement the above features include:- Comodo firewall and ESET Smart Security. However, common firewalls are often targeted and people are always on the lookout for exploits and tactics to evade them. A tool like Coreforce firewall (http://force.coresecurity.com), does much more than a normal firewall can be a force to reckon with on a home PC.