(Why did I just put the word viruses in quotation marks? Anything that infects your PC today is almost certainly not, technically, a virus. But the word has become a common term for any malicious software, whether it spreads like a virus or not. See Is It a Virus? for details.)

What are some of the signs that you may have an infection?

* Your home page keeps changing, or web searches keep taking you to the wrong page.

* Software that should protect you, like your anti-virus program, can’t update or no longer works properly.

* Common programs you can use to configure your system, such as msconfig or System Restore, stop working.

* Your computer accesses the Internet a lot when you’re not using the Internet.

* Your security software tells you that you have an infection, but can’t get rid of it.

If you think you have an infection, try the following four fixes, in this order. And use them all, even if the second one solves the problem.

1) Accept that your anti-virus program has failed. Don’t be too hard on it; you just had the misfortune to get the malware before the update that would have protected you from it. But until everything else is fixed, your current software probably isn’t working.

2) Restore the system. Select Start, All Programs, Accessories, System Tools, System Restore. Follow the prompts to restore from a time before you starting having the problem. If you don’t have a restore point that old, go on to step 2. If System Restore fails to work, reboot into Safe Mode (reboot, then press F8 before Windows starts loading (it may take a few tries to get the timing right) and try System Restore there.

3) Get a second opinion from another security program. I recommend the free version of either SUPERAntiSpyware or Malwarebytes’ Anti-Malware. Download the program, install it, and have it scan your hard drive and eliminate what it finds.

4) Get a third opinion. Repeat with the other of those two programs.

If you’re not satisfied that you’re now clean, download and install another free program: Trend Micro’s HijackThis. This one doesn’t actually fix anything, but it gives you a very thorough, and for most people, thoroughly unreadable report. But someone who knows what they’re doing can study this report and figure out what your problem is and what you can do about it.

Lincoln Spector, PCWorld

While they were on the road, their home in Mesa, Ariz., was burglarized. Hyman has an online video business called IzzyVideo.com, with 2,000 followers on Twitter. He thinks his Twitter updates tipped the burglars off.

“My wife thinks it could be a random thing, but I just have my suspicions,” he said. “They didn’t take any of our normal consumer electronics.” They took his video editing equipment.

Most people wouldn’t leave a recording on a home answering machine telling callers they’re on vacation for a week, and most people wouldn’t let mail or newspapers pile up while they were away. But users of social media think nothing of posting real-time vacation photos on Facebook showing themselves on beaches hundreds of miles from home, or sending out automatic e-mail messages that say, “I’m out of the country for a week.”

“I’m amazed at how many people get on there and say they’re going on vacation,” said Lee Struble, head of security at Monroe Community College in Rochester, N.Y.

Struble, 53, is a member of Facebook with more than 200 friends, many of them classmates from high school and college who recently reconnected through the site. “Some of these people you haven’t seen in 20 or 30 years,” said Struble. “But they know where you live or can find out pretty easily, they can do a Google Maps search and can get directions to your house, and you’re telling them that you’re going to be gone.”

Struble is careful about his outgoing e-mail messages. “I just tell people I’m going to be out of the office; I don’t say I’m going to be out of town,” he said.

Despite the fact that so many people share their vacation plans via the Internet, most Americans don’t think private information is secure online. “We actually polled on that question, and the majority of people, teenagers and adults, think that a determined searcher can find them — no matter how careful they are with information,” said Lee Rainey, who has studied Internet behavior extensively as director of the Pew Internet and American Life project in Washington, D.C.

New communication technology has always brought with it new risks and rules, usually learned the hard way. When telegrams were a primary means of long-distance communication, correspondents struggled to craft messages that would convey meaning without revealing private business to the operator. Party line phones were often conduits of news and gossip. And Prince Charles showed the world painfully that mobile conversations could be intercepted when his pillow-talk call to Camilla Bowles was made public.

Facebook and Twitter are so relatively new that users may not consider all the risks. For Hyman, Twitter was a way to connect with fans of IzzyVideo.com, where he offers how-to videos on video production. His wife teaches scrapbooking through videos at Paperclipping.com. About half of the new episodes they release are free, but viewers pay to access their archives.

“The customers have never met me in person,” Hyman said. “Twitter is a way for them to get to know me. You do business with people you know. I’m a real person. I take my kids to the park. I go on vacation. I’m not just some company!”

He added: “I forgot that there’s an inherent danger in putting yourself out there.”

Detective Steven Berry of the Mesa Police Department, which is investigating the burglary at Hyman’s home, said: “You’ve got to be careful about what you put out there. You never know who’s reading it.”

Despite the potential risks, some social media fans say they have no qualms about sharing their whereabouts.

“I don’t worry about it,” said David McCauley of Boise, a social media consultant who posts a running update of his activities for his Facebook friends. McCauley also communicates constantly on Twitter, where anyone can sign up to read your posts.

“If somebody really wanted to rob me, they could rob me whether they’re Tweeting about it or not,” McCauley said. “Most people who want to follow you (on Twitter) are typically not thieves, or they’re not looking to take your stuff; they just want to follow you and understand you.”

McCauley even plans to offer a description, via Twitter, of a trip to adopt a child overseas.

“In the grand scheme of all the noise that’s out here on the Internet and in Facebook and Twitter, there’s so much going on that it would be hard for somebody to zero in on me, looking for me to be gone,” he said. “I’m just not worth that much.”

Anne Wallace Allen, The Associated Press

A Computer Economics report showed that annual worldwide malware expenses increased by $10 billion (to $13 billion) over a recent 10-year span. Google Research suggests that one in every 10 Web sites is infected with “drive-by” malware. In June 2009, the Windows Secrets e-newsletter reported that such seemingly safe Web sites as Coldwell Banker.com, Variety.com, and even Tennis.com were exposing Internet Explorer visitors to the Gumblar exploit, which threatens to compromise visitors’ systems in order to propagate.

IT professionals must encourage their users to follow several security practices to minimize virus, spyware, and malware exposure. But many computer techs are too busy to spread the word, or they don’t have the time to build an appropriate memo or handout.

With that in mind, here’s a handy reference list of 10 steps end users can adopt to avoid infection (including when using home systems to read and send work e-mail, create, edit, and distribute documents and spreadsheets, access the corporate VPN, and perform other office tasks). Post this list on your Intranet, distribute it in an e-mail, or download the PDF version and pass it along to end users. Just be sure the word gets out. Otherwise, you’re likely to find yourself losing precious time cleaning and repairing infected systems or entire networks.

1: Install quality antivirus

Many computer users believe free antivirus applications, such as those included with an Internet service provider’s bundled service offering, are sufficient to protect a computer from virus or spyware infection. However, such free anti-malware programs typically don’t provide adequate protection from the ever-growing list of threats.

Instead, all Windows users should install professional, business-grade antivirus software on their PCs. Pro-grade antivirus programs update more frequently throughout the day (thereby providing timely protection against fast-emerging vulnerabilities), protect against a wider range of threats (such as rootkits), and enable additional protective features (such as custom scans).

2: Install real-time anti-spyware protection

Many computer users mistakenly believe that a single antivirus program with integrated spyware protection provides sufficient safeguards from adware and spyware. Others think free anti-spyware applications, combined with an antivirus utility, deliver capable protection from the skyrocketing number of spyware threats.

Unfortunately, that’s just not the case. Most free anti-spyware programs do not provide real-time, or active, protection from adware, Trojan, and other spyware infections. While many free programs can detect spyware threats once they’ve infected a system, typically professional (or fully paid and licensed) anti-spyware programs are required to prevent infections and fully remove those infections already present.

3: Keep anti-malware applications current

Antivirus and anti-spyware programs require regular signature and database updates. Without these critical updates, anti-malware programs are unable to protect PCs from the latest threats.

In early 2009, antivirus provider AVG released statistics revealing that a lot of serious computer threats are secretive and fast-moving. Many of these infections are short-lived, but they’re estimated to infect as many as 100,000 to 300,000 new Web sites a day.

Computer users must keep their antivirus and anti-spyware applications up to date. All Windows users must take measures to prevent license expiration, thereby ensuring that their anti-malware programs stay current and continue providing protection against the most recent threats. Those threats now spread with alarming speed, thanks to the popularity of such social media sites as Twitter, Facebook, and My Space.

4: Perform daily scans

Occasionally, virus and spyware threats escape a system’s active protective engines and infect a system. The sheer number and volume of potential and new threats make it inevitable that particularly inventive infections will outsmart security software. In other cases, users may inadvertently instruct anti-malware software to allow a virus or spyware program to run.

Regardless of the infection source, enabling complete, daily scans of a system’s entire hard drive adds another layer of protection. These daily scans can be invaluable in detecting, isolating, and removing infections that initially escape security software’s attention.

5: Disable autorun

Many viruses work by attaching themselves to a drive and automatically installing themselves on any other media connected to the system. As a result, connecting any network drives, external hard disks, or even thumb drives to a system can result in the automatic propagation of such threats.

Computer users can disable the Windows autorun feature by following Microsoft’s recommendations, which differ by operating system. Microsoft Knowledge Base articles 967715 and 967940 are frequently referenced for this purpose.

6: Disable image previews in Outlook

Simply receiving an infected Outlook e-mail message, one in which graphics code is used to enable the virus’ execution, can result in a virus infection. Prevent against automatic infection by disabling image previews in Outlook.

By default, newer versions of Microsoft Outlook do not automatically display images. But if you or another user has changed the default security settings, you can switch them back (using Outlook 2007) by going to Tools | Trust Center, highlighting the Automatic Download option, and selecting Don’t Download Pictures Automatically In HTML E-Mail Messages Or RSS.

7: Don’t click on email links or attachments

It’s a mantra most every Windows user has heard repeatedly: Don’t click on email links or attachments. Yet users frequently fail to heed the warning.

Whether distracted, trustful of friends or colleagues they know, or simply fooled by a crafty email message, many users forget to be wary of links and attachments included within email messages, regardless of the source. Simply clicking on an email link or attachment can, within minutes, corrupt Windows, infect other machines, and destroy critical data.

Users should never click on email attachments without at least first scanning them for viruses using a business-class anti-malware application. As for clicking on links, users should access Web sites by opening a browser and manually navigating to the sites in question.

8: Surf smart

Many business-class anti-malware applications include browser plug-ins that help protect against drive-by infections, phishing attacks (in which pages purport to serve one function when in fact they try to steal personal, financial, or other sensitive information), and similar exploits. Still others provide “link protection,” in which Web links are checked against databases of known-bad pages.

Whenever possible, these preventive features should be deployed and enabled. Unless the plug-ins interfere with normal Web browsing, users should leave them enabled. The same is true for automatic pop-up blockers, such as are included in Internet Explorer 8, Google’s toolbar, and other popular browser toolbars.

Regardless, users should never enter user account, personal, financial, or other sensitive information on any Web page at which they haven’t manually arrived. They should instead open a Web browser, enter the address of the page they need to reach, and enter their information that way, instead of clicking on a hyperlink and assuming the link has directed them to the proper URL. Hyperlinks contained within an e-mail message often redirect users to fraudulent, fake, or unauthorized Web sites. By entering Web addresses manually, users can help ensure that they arrive at the actual page they intend.

But even manual entry isn’t foolproof. Hence the justification for step 10: Deploy DNS protection. More on that in a moment.

9: Use a hardware-based firewall

Technology professionals and others argue the benefits of software- versus hardware-based firewalls. Often, users encounter trouble trying to share printers, access network resources, and perform other tasks when deploying third-party software-based firewalls. As a result, I’ve seen many cases where firewalls have simply been disabled altogether.

But a reliable firewall is indispensable, as it protects computers from a wide variety of exploits, malicious network traffic, viruses, worms, and other vulnerabilities. Unfortunately, by itself, the software-based firewall included with Windows isn’t sufficient to protect systems from the myriad robotic attacks affecting all Internet-connected systems. For this reason, all PCs connected to the Internet should be secured behind a capable hardware-based firewall.

10: Deploy DNS protection

Internet access introduces a wide variety of security risks. Among the most disconcerting may be drive-by infections, in which users only need to visit a compromised Web page to infect their own PCs (and potentially begin infecting those of customers, colleagues, and other staff).

Another worry is Web sites that distribute infected programs, applications, and Trojan files. Still another threat exists in the form of poisoned DNS attacks, whereby a compromised DNS server directs you to an unauthorized Web server. These compromised DNS servers are typically your ISP’s systems, which usually translate friendly URLs such as yahoo.com to numeric IP addresses like 69.147.114.224.

Users can protect themselves from all these threats by changing the way their computers process DNS services. While a computer professional may be required to implement the switch, OpenDNS offers free DNS services to protect users against common phishing, spyware, and other Web-based hazards.

Erik Eckel, TechRepublic

To avoid such issues, the Anti-Spyware Coalition (ASC, www.antispywarecoalition.org ), a consortium of software companies and outside parties, has presented definitions and supporting documents at www.antispywarecoalition.org/definitions.pdf.

This isn’t the first attempt to define spyware. An earlier industry consortium effort called COAST fell apart after it admitted an adware vendor. Almost all the same antispyware companies are part of ASC, but no adware companies are included yet.

So far, it’s hard to see what the ASC documents accomplish. Sunbelt Software stayed away from ASC because it argues that adware vendors have the most to gain from consistent definitions. The authors of adware and spyware are innovative and fast-moving, and they spend as much time trying to fool antispyware programs as they do trying to fool users. Giving them consistent definitions would help them work within the loopholes in those definitions.

Moreover, there’s a lot more to writing antispyware than just defining terms. Which threats, for example, should merit a default action of Remove? What language in end-user license agreements is proper? What information needs to be disclosed during installation? These are some of the important and difficult decisions in the antispyware business, and the ASC documents don’t address them at all.

The other potentially important ASC document describes a dispute resolution process for vendors who don’t like the way they’ve been classified. This process, however, also seems likely to be more useful to spyware vendors. And potential legal liability may dilute the way software is classified. For instance, faced with vendors who objected to having their products described as spyware or adware, the Internet security company McAfee created the term PUP (potentially unwanted program) to describe programs that aren’t exactly malware, but which users may download inadvertently and would probably avoid if they realized what was happening. Symantec entered the antispyware arena using a definition process that sounds more like a 12-step program.

So what do the ASC documents do for the poor end-user? Not a whole lot, it seems to us. Formalized definitions are more likely to constrain legitimate software than to limit the activities of spyware and adware vendors. In addition to relying on an antispyware vendor’s software and its judgments about the threat landscape, you should continue to cast a wary eye and be alert for signs that may indicate programs you’d prefer to avoid.

Larry Seltzer, PCMag

Mario Morejon, PCMag

We all hate Windows Genuine Advantage. Not only is it a hassle that might accuse you of stealing something you legitimately bought, but its very name adds insult to annoyance. It’s obviously an advantage to no one but Microsoft.

But with a simple change in policy, the folks in Redmond could use it to eliminate a far more serious problem: The difficulty in obtaining an actual copy of Windows to go with your legally-purchased license.

If Windows came with your computer, you probably have no way to restore it beyond a complete reformat. If you lost the restore discs that came with your PC, or altered your partition table and thereby rendered your restore partition unbootable, you can’t even do that. And you almost certainly don’t have the options and utilities that come with a genuine Windows CD or DVD.

And why not? Because Microsoft acts as if giving away Windows discs is the same as giving away licenses to run Windows. And yet the company must know that’s not true. Otherwise, Microsoft wouldn’t make you go through the activation process, or keep hitting you with Windows Genuine Annoyances. It’s the product key–that long number you have to enter when you install Windows–that defines and proves your purchase of the operating system.

So why can’t Microsoft simply give the disc away. Make it downloadable as an .iso file. Charge $5 to mail a physical disc to those who don’t like long downloads. Make it known that anyone can give the disc to anyone else.

I’m not suggesting that Microsoft give away Windows. You’d still need a unique product key to activate it, and you would get that project key either by paying Microsoft or buying a PC with Windows pre-installed (all such computers already come with a product key sticker). Or you’d already have the product key, but still need a product to install.

This could work just fine with XP, Vista, and (when it ships) Windows 7. Microsoft doesn’t even have to keep selling XP to freely give away the discs; I know plenty of people who “own” XP but need a way to install it.

A great many commercial programs, perhaps a majority of them, are now sold this way. You download the program, install it, try a limited version, then pay for a key that will unlock the full version. They used to call this shareware or demoware. Now its just the way software is sold.

Microsoft: Are you listening?

Lincoln Spector, PCWorld

In other words, disconnect the power cords from both, wait about 10 seconds, and then plug them back in. In a minute or two, your network will be up and running again, and your Internet access might be its good old speedy self. I say “might be” because there are loads of other possible culprits for pokey Internet connections.

For example, you might have a spyware problem. Windows’ Internet settings might be FUBAR (or at least less than optimal). If you’re connecting via a wireless router, there could be range issues.

In most cases, however, it’s probably just a router and/or modem in need of rebooting. For the record, my neighbor told me the power-cycling trick worked like a charm. Hmm, maybe I should send him a bill? Nah, I’ll just give him a link to Hassle-Free PC. Feel free to do likewise for friends and relatives who need answers to common PC problems!

Rick Broida, PCWorld

1) If you use WiFi, move your PC into the same room as your router and use an Ethernet connection. If the problem goes away, it’s a WiFi problem, although you still won’t know if it’s the router or the PC.

2) Try replacing one or more of the cables involved. If you replace an expensive router and then discover the problem is a $2 telephone cable, you’ll hate yourself in the morning.

3) Borrow another laptop or invite a friend to work at your home for a couple of days. If you have the problem and they don’t, the problem is with your PC.

4) Bypass the router and connect the modem directly to your PC. If the problem reoccurs, the problem is either with the modem or the connection. But remember, not using a router is inherently dangerous, so go back to the router as soon as you’ve identified the problem.

And if the problem doesn’t go away after all of these tests, it’s your ISP’s fault, even if they insist it isn’t.

Lincoln Spector, PCWorld