1) Use a virtual machine with Linux for surfing.
2) install software, only from off site.
3) do not use flash drives (they are even more dangerous)
4) Windows updates and antivirus.
5) backups - a must.
By the way, I do not rule out that the system is already infected with something, for example, Zeus.
In 2010, a reward of several thousand euros was awarded for my VK profile.
Then I was still on Windows.
Attempts at social engineering was dofiga.
But everything is fine. Although it taught me to take security more responsibly.

Do not download or run any program from the left sites, from the left letters, and from friends.
In general, try not to climb on the left sites, especially if they offer to launch something.
If you need software:
For free software, do not be too lazy to climb not into the first Google link, but to clarify that this is the official site of this software, and that the software does not contain any greetings from mail.ru and other similar installers.
For broken software - use proven torrents, where registration is required and a specific torrent has been downloaded and tested by dozens of people.
These simple rules are enough to be 99% sure of the reliability of protection, even if you do not have any antivirus at all.
A vulnerability in the OS and the programs used is of course possible, but in principle an attack on you is unlikely. If you really need to check some software - virtualbox, make a backup of the configured virtual machine, if you need to roll back, and run it there.

Guys, why, when it comes to keyloggers, a person is immediately labeled paranoid, as if keyloggers do not exist at all. Three years ago, I somehow experimented with them myself, uploaded them to my friends on the computer, and then showed them. I don't have 100% confidence in the Nod 32 antivirus, and even more so in the "leaky" Windows system. I can't switch to Linux, because all my software is based on Windows. And I observe hygiene and don’t wander around the garbage dumps, but I’m afraid that somehow they can throw me a Trojan - there are reasons for that (is a Trojan or a keylogger a rare case?).

at least you need to switch from nod32 to another casper or doctorweb antivirus, practice showed they are still more cheerful.

This is paranoia.
1. Use a standard user account
2. Increase the security level in the account control. records. In fact, notifications will pop up more often.
4. And follow the banal hygiene products. Do not install any unknown dregs, do not climb in the garbage heaps.
5. You can encrypt anything in the file system and decrypt it only when needed.

raise a virtual machine in a regular user account and install Windows 7 on it, from which you can continue working on the Internet