"I want to warn everyone that any time you download and install software from the net you are HIGHLY vulnerable to malware attacks.
The only times any of my machines were hijacked were from downloaded software."
You are absolutely right, BUT: I've been downloading software since before there WAS a publicly-accessable Internet, and I've NEVER had a machine hijacked. There are precautions you can take to prevent that sort of thing. One easy one (not cheap, but easy) is to have a separate computer for the purpose of checking out downloads and evaluating them.
Have that machine loaded with as many different antispyware programs as you can stand to have running at the same time. I've got Symantec's Enterprise edition antivirus, AdAware SE Plus, Spybot Search and Destroy 1.4, and Spyware Blaster, all running on every machine we have.
Do most, if not all, of your downloading from reputable sites.
http://www.download.com is a good site, for example. It's run by Cnet. ZDnet has their own download site, as well.
http://sourceforge.net/ is good for those who like open-source software.
Paranoia is a good idea when you download. Just because you're paranoid doesn't mean they aren't out to get you...
And use the other machine to do all your critical work. MS Office allows you to install it on two machines, as long as you're not letting both copies be used at the same time, so all you really need is a second copy of the OS, and you can use a thrift-store computer for the spare machine.
You can now download MS Virtual PC for free from their site, and run virtual machines to use as sandboxes on that spare machine, too. Run the stuff you are really scared of (if you must) there, and you can keep an eye on it, from outside, where it can't get to anything to harm it. I've downloaded that software, too, but not tried it out yet.
I build all my machines with a small C:, and a large D and/or E.
OS goes on C:, mail, documents, pdfs, everything else on D.
I can wipe clean and rebuild a machine in about an hour.
Right now I have 9 working laptops and two desktops within my sight, running anything from Win95 to XP and RH9. Still lloking for a decent Linux distro with a good desktop look/feel.
Funny, cause last night when I first saw this thread, I was gonna put a blurb in about the NETSTAT command (which is how I detected I was hijacked), and then later last night I was watching a video about the kid who broke into the NASA computers, and he basically said the same stuff!
PC's are just a hobby. My real work is on Big Blue big iron.