I have often said the best approach to security is common sense. Stay away from suspicious websites, never give your personal details and banking information to suspicious websites, never open attachments from unknown senders and scan attachments from known senders before opening them, and if you have kids using the Internet keep a close eye on them.
It's helpful to use Firefox with extensions like Ad-block and noscript as these alone will eliminate possible malicious scripts. Avoid using IE if you can, at least on the default settings. Common sense and these 2 Firefox extensions alone will reduce your chances of picking up anything from anyone.
Your best defense is layered defense. Keep your operating system patched with the most current updates. Make sure you have a firewall running and pay attention to outgoing traffic (i.e. Komodo is exceptionally good and free too), make sure you use quality anti-virus and keep the definitions updated daily.
There are several anti-malware tools available, some cost money and some are free. No program will give you the perfect result so it's best to research online before choosing one. Paying for an anti-malware program does not necessaily mean you'll have greater protection as oppose to using a free one. Also beware that some criminals actually put up fake anti-malware and anti-spyware programs and use them to deliver malicious code onto people's computers.