I second all of GrannyGeek's suggestions.
RE virus software, I've had good results with both Norton (symantec) and McAffee (spelling?), but prefer Norton. Setting it to automatically update is clean and doesn't bog down the machine if
you have a high-speed connection. Ditto windows update ... you can also do what we could call the semi-automatic method: have it update on a certain date and time - and just leave the machine on overnight then, letting it do it's thing.
And, yes, use a NAT router/switch --- the software one's can be difficult. Most of all high-speed vendors (cable, dsl, etc.) have gotten tired of service and complaint calls from virus infections. The firewalls built into these things have gotten pretty good. (And you can hack at your own system and see how it holds up, if you get a hold of the backtrack - live