A great way to harden your computer's security is to use firefox as your browser and install NoScript, this will make drive-by attacks effectively impossible. That leaves ony the risk of files you deliberately download being malicious, to defend against these you shold make sure to run an antivirus (AVG free is fairly good, I used to use it but switched to avast free recently), and an antimalware program (even if for on -demand scanning only) (malwarebytes is a good choice, free for on demand stuff, paid version for active protection layers).
You should disable un-necessary plugins in your browsers, you should set those you do use sometimes to "ask to activate" or "click to play" DO NOT let them be on fully automatic settings.
You should set up windows's file browser to "show full file extensions for even known file types" under "folder options", so you can guard against any exe and scr file viruses which pretend to be other file types (like trust_me_im_only_a_picture.jpg.exe ).
As well as these steps you can download a third opinion scanner (like eset online scanner) to run every few weeks and check yourself for infections.
Other protective steps are to run an adblocker in your browser, to prevent malvertising form loading, and you might want to add another protective layer against edxploit attacks, something like malwarebytes anti-exploit.
Other wise things to do incluse putting UAC on it's maximum setting, it will pop up and ask you to confirm any time that you run an exe file it doesn't recognise. This is an extra barrier against a virus executing.
You should set windows updates to be "check automatically but ask me before downloading or installing", you should set an alarm on your phone to check them yourself every tuesday evening (late) or every wednesy morning (as soon as you turn the computer on), install any security updates immediatly, check online for others reporting bugs or unwanted behaviours in the non-security updates before you install them. I personally advise this as a better choice than fully automatd updates, as fully autmated updates run the risk of your computer being unable to boot if a really buggy update is released. This also avoids the stress of installing an update which spoils your work flow or automatically changing settings to ones you do not like.
Your browsers and security programs (antivirus /antimalware) should be set to update fully automatically, as should your plugins (things like flash player).
Others will dispute this point, but I will add it for completeness, you should not use IE as your browser, firefox with NoScript is your best choice, chrome is ok for sites which are really trustworthy and never display adverts. Internet explorer is the browser which is most often targeted by exploits, but without a script blocker and ad blocker other browsers are vulnerable as well.
For futher hardneing you can run a whitelisting program, there are several, their main function is to prevent ransom attacks but they should stop othr types of virus files from executng as well.
At a time when you know a computer to be clean of viruses you can make system images, windows 8 an 8.1 (and maybe windows 7)contain the ability to do it bult in, on windows 8 it's under control panel-->windows 7 file recovery-->make a system image on windows 8.1 the function is found in control panel-->file hitory-->system image backup . A system image lets your return an infecte computer to an earlier known clean state. You can also make system images with macrium refect, it's best to have both windows and macrium system images made. You should make two or three system images when the system is new and clean, all on external drives. Then another few once you've finished the process of installing all the programs you might need. You don't need to make regualr system images after that, just keep the old ones safe. System images are for backing up the state of your system and it's installed programs, they are not meant for backing up personal files.
You should also back up your personal files and the offline installer exe files for any trustworthy programs you use, so in the event of a disaster it is easy to recover your files from USB stick or DVDs and to reinstall any programs you use, even if they are no longer available online. You only need to back up program installer ee files once or twice, personal files should be backed up regularly, the easiest way to do this is to manually copy the files from the computer t the USB, DVD,cd-rw or external HDD.
Edited by rp88, 02 May 2015 - 01:14 PM.
Back on this site, for a while anyway, been so busy the last year.
My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB