Kat -

I'm still bucking the popular trend, and use Norton Internet Security as my main program (One purchase is good for up to three machines). Note though that Norton AV, Norton Internet Security, and the newest Norton 360 are distinctly different programs with various levels of protection and slightly different amounts of obtuse behaviour, and there are other add-ons you can get from Norton.

I can't say that it's necessarily a recommendation; but I'm satisfied with what it does and with the setup and maintenance requirements.

My NIS has blocked one site at a link from a seemingly harmless page, and has warned about possible malware on perhaps a dozen individual pages in the past year.

Since I allow automatic updates to my WinXP, I also get weekly runs of Microsoft's "Guardian" (I think that's the name?) that does a (probably redundant) check for "popular malware."

The Google toolbar also includes a "popup blocker" but I've only had one instance in the past year when it blocked something (that it shouldn't have, since the site was in my allow list and I'd already allowed a temporary add-on for the visit when Norton asked if I wanted it to run).

(Note that Google does, sometimes, warn about "suspect sites" in search results. Yahoo search reportedly is adding that feature. So far as I know, Microsoft search does not include any such "inspection" of sites in returns.)

I have kept Ad-Aware and have used it occasionally, but frankly it has never found anything but "nuisance" things like Double-Click and Tribal Fusion cookies. On principle I'd rather never see them, but they really are not "malicious" - just annoying. The latest update of Ad-Aware also appears to want to delete my mudcat cookie, which I find somewhat irritating.

I still also have Spybot on all my machines, but frankly can't remember the last time I ran a scan with it, since Ad-Aware gets most of the "bulk cookies" when I feel the need to clear some temp space.

Users in other parts of the world may want to look at a more "localized" product. There are distinct differences in when and where currently damaging malware circulates, and having programs from someone in your own region can have some advantages in terms of quicker response to new local threats, some of which may be a real nuisance in a small area, but never circulate widely enough to be incorporated in "hard" protection everywhere. (The main-line protection suites will incorporate them, usually fairly quickly, via "type signatures" but may not include specific variant-unique signatures.

Since the PRIMARY protection any of us have is the mantra: DON'T BE CURIOUS, with corrolary "Don't Click if you Don't Know," perhaps my best defense is just not having many friends who send me "fun stuff" - the most common source of crud.

John