The main problem with Windows computers is that most people run them with Administrator privileges. This means that if they want to install software, change system settings etc., they don't have to enter a password, they can change anything they want. This is very convenient, and it is the default setup that Windows encourages, but it is a major loop hole that almost all viruses, trojans and spyware exploit, because the virus also has administrator privileges over the machine.
Many people rave about the excellent security and stability of Linux machines, and rightly so, they are a great system. But users of Linux machines usually DO NOT run as administrators and if any system settings need to be changed, or software installed, it is required to enter the administrator password. This effectively locks viruses out of all the system files and folders because the virus does not know the administrator (called "root" in Linux) password.
Wouldn't it be nice if Windows machines could be set up in this way. You could surf the web and do all your daily tasks with normal restricted privileges and if you need to install software or change your network settings, you log in as admin, enter your password, do your stuff, log out, and log back in as yourself.
Windows machines can be set up in this way, for a full set of the instructions see the full Windows XP/2000 security setup instructions here.
Matthew Sirpis How to Secure a Windows PC against Antivirus, Trojan, Spyware etc.