The biggest point of entry on your PC is almost always going to be your web browser, followed by your operating system, followed by any other programs you have installed that can contact the internet. This is because your browser interacts with insecure websites and webpage applets/objects more directly and more frequently than your OS, but your OS (especially Windows) is going to have its own assortment of security design flaws and holes. The best way to stay secure is to start with your browser, then work down:
- Install an ad-blocker and script-blocker extension for your browser (e.g. Adblock Plus and NoScript for Firefox) and keep all your extensions updated. Keep your browser updated as well.
- Keep Adobe Flash updated. I swear to god 90% of the infections I see at work are a result of some fun new exploit in Adobe's unbelievably awful software. Note that staying updated alone isn't always enough to secure Adobe Flash; you sometimes have to manually locate and delete old files (thanks, Adobe) - see below.
- Keep your OS updated. Download all security updates and install them immediately always. There's no reason not to do this; the days of updates breaking your OS are long gone.
- Install Secunia Personal Software Inspector (PSI) to scan your machine for any insecure programs. This program is awesome; it can automatically find everything that has known security holes and update them for you automatically or give you a list and let you take action yourself, and now I think it can even be configured to do everything silently in the background (great for your computer-illiterate parents' PC). Note that sometimes it can't find an update for really old or end-of-life programs, in which case it will usually recommend you find a similar, newer program to use instead. PSI is what gave me the detailed info to figure out how to find and delete the insecure leftover .dlls for Adobe Flash that were still a security risk on my machine, so props for that.
- Get something like Microsoft Security Essentials installed for free realtime malware protection on the off chance your other security barriers fail to keep the bad stuff out. MSE is recommended because it actually does a good job at finding things and it stays out of your hair. Just be sure you opt out of Microsoft's "SpyNet" (why the hell they called it that I will never understand) unless you're OK with MS potentially seeing what files were infected on your machine and how you dealt with them. Opting out is all you need, but if you're really paranoid, there are instructions for blocking any SpyNet servers in your HOSTS file. But only if you're really, really super paranoid like an idiot.
Google this stuff and you should find downloads. If you keep all this running and don't do stupid things like open email attachments from people you don't know (or even people you know who sound unusual in the message; email accounts get compromised all the time. Ask them first if they really meant to send you Cute_Puppies_2.png.exe), you'll be fine. Playing games is the last thing I worry about when it comes to computer security.
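The attachment warning above (Cute_Puppies_2.png.exe) can be turned into a check on attachment names. This is an added example, not part of the original post; the extension lists, function names and sample filenames are assumptions constructed for illustration, and it generalizes beyond the one filename in the post to other decoy/executable pairs.

```python
import os

# Extensions Windows will run directly or through a script host (assumed list, not exhaustive).
EXECUTABLE = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".js",
              ".vbs", ".wsf", ".lnk", ".hta", ".ps1", ".msi"}
# Extensions a recipient expects to be a harmless picture or document (assumed list).
DECOY = {".png", ".jpg", ".jpeg", ".gif", ".pdf", ".doc", ".docx",
         ".xls", ".xlsx", ".txt", ".mp3", ".mp4"}


def classify_attachment(filename):
    """Return 'disguised', 'executable' or 'ok' for an attachment name."""
    # Windows drops trailing dots and spaces and ignores case,
    # so normalise to the name the OS will actually act on.
    name = os.path.basename(filename.replace("\\", "/")).rstrip(". ").lower()
    stem, ext = os.path.splitext(name)
    if ext not in EXECUTABLE:
        return "ok"
    # The real (last) extension is executable; a decoy extension in front
    # of it means the name is built to look like a picture or document.
    _, inner = os.path.splitext(stem.rstrip(". "))
    return "disguised" if inner in DECOY else "executable"


def triage(filenames):
    """Map each name that is not 'ok' to its verdict."""
    verdicts = {}
    for name in filenames:
        verdict = classify_attachment(name)
        if verdict != "ok":
            verdicts[name] = verdict
    return verdicts


if __name__ == "__main__":
    # Constructed sample attachment names.
    sample = ["Cute_Puppies_2.png.exe", "Cute_Puppies_2.png",
              "Invoice.PDF.SCR ", "setup.exe", "notes.v2.txt"]
    for name, verdict in triage(sample).items():
        print(f"{verdict:10} {name!r}")
```

With Explorer's default "hide extensions for known file types" setting, the first sample shows up as Cute_Puppies_2.png, which is why the check looks at the last extension rather than the displayed name.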