Those seeding campaigns typically employ Web attacks that target outdated browser plug-ins and other vulnerable software. "Flash and RealPlayer [plug-ins]--those are the big ones," Stewart says. The attacks are often successful because it can be hard for users to know when a plug-in is old and susceptible, especially if it's so old as to predate automatic updates.

The free can make that task easier. It will scan for outdated software and also provide links to patches or updated versions. A good will also help, of course, and a capable of blocking a bot's phone-home connections can provide a secondary layer of defense.