If you're running Windows, you simply have to have "anti-badness" software. Perhaps, I should use a more technical term "AntiBadware." But where to start? Generally speaking this falls into four categories: AntiVirus, Firewall, AntiScuzware, and AntiMalware. (Yeah, I just made up another term there, too.)
Antivirus
I prefer free AV products because I really hate being held hostage not to the purchase, but the upgrade costs. Generally the uninstallers don't work so good, and well, you're stuck. Having to spend money during that process is a bit much for me.
I think that there is several product available in free AntiVirus scanners. Previously, I recommended BitDefender's Internet Security, which had a free version that work OK on XP. But they it's gotten to slow and cumbersome. And it's support for a free version for Vista and Windows 7 is waning. Ostensibly, they want you to use only their commercial product, I guess. On to another one.
For the past few years, I've recommended Comodo Internet Security. The free version of the scanner is very capable, and should suffice, but there are some benefits to upgrading to the commercial one. Becareful of the navigation on that site, especially when you go to download the installer. Once wrong click and you'll be pointed to the commercial side.
Yes, the free one it still very much available, but if you click around you'll get lost immediately in the new updated web site. Upgrade only if you feel the need a feature they provide at a charge.
FireWall
Windows comes with a firewall, but it's capabilities are, technically speaking, very silly. You really need a functional firewall, and I like to get one integrated with my AntiBadness software. Comodo Internet Security comes with a decent one. Use it. The installer will deal with the Windows firewall appropriately.
AntiScuzware
(Ok, if you haven't figured it out, I make some of my terms up as I go. This is definately another one of them.)
One of the primary attack vectors is using leveraging one program's vulnerabilities to attack another one. Trojan Horses often use this technique - the tragedy is that the attackers are often unwittingly installed by the owner. Older printer/scanner drivers or poorly written "just a fun little games" often become targets of this approach, too.
Comodo Internet Security comes with a decent AntiScuzware scanner called Defense+. Use it. Just be careful since it can be very Draconian often can prevent "normal" programs from functioning as needed. Actually, I often have to disable it just to get things going, then enable it and work out the kinks. The interface is not all that intuitive, so be patient.
Just going over that last point again. The Comodo AntiScuzware, or as they call it, a.k.a. Defense+, borders on pathologically insane. I ran into an issue severa times on a Dell Inspiron where the Vista mouse driver (composed of multiple files) was unable to communicate with its component parts because of this little megalomaniacal program. If you have stuff that simply won't work, before you pull all your hair out consider disabling that feature temporarily.
AntiMalware Scanner
This needs to be a standalone product that will scan your computer for various forms of Malware. Often prevented from being installed by a good AntiVirus program, once installed, they can get real tricky. And they can impact the AntiVirus program, which typically is very large. For that reason, I recommend that this be a different than your AntiScuzware protection.
Consider using the MalwareBytes free version. If you like the protection and want even more flexibility for scheduling, consider their commercial version.
Historical comment: Spybot S&D worked well, but it's soo beastly that I don't use is much anymore. Another product that I've recommended in the past was the ewido online scanner. (An online scanner that ran in a browser removing Malware, rather than installing anything locally? errr, BRILLIANT!) Alas, AVG bought it, and it's no longer available.
