Here are a few things I put together off the top of my head, trying to avoid focusing on what was already mentioned. There's a lot more I could get into but I tried to limit it to the ones that are of higher importance and not difficult to do.
-You should put 3 types of security software on your computer. Anti-malware, an anti-virus and a firewall.
-For anti-malware, spybot search and destroy AND malwarebytes(both).
-For anti-virus I'd recommend Avast OR AVG(you can't have two AV's)
-For the above two, update and scan frequently.
-For firewall Comodo. In addition to the actual firewall, Comodo has a great live system protection that is better than avast.
-Ensure Microsoft Security Essentials is installed and running.
-there is a type of service called a web shield, which is included for free in avast(idk if it's in avg, I haven't used AVG in a while) that will automatically alert you if you try to go to a dangerous/fraudulent/impostor website. It also automatically checks the spelling to be sure you spelled it correctly and are not going to a bad website with a similar name to a legit website. It also alerts you on google search results to any bad website.
-the others were talking about the importance of keeping everything up to date. I hate to sound like an advertisement for Avast but it also includes a free feature that automatically checks for updates and even will auto install the updates for all your programs for you. The need for updates will be detected even before you start the program, which is helpful. Again, IDK , avg might have this too. I just know avast does. Of course you should be sure that you have microsoft updates set to the "automatically download and install" setting.
-ensure that you are using https if you are doing anything sensitive. You can see right in the address bar/closed padlock. This prevents people from intercepting your data.
-if the website you are visiting is even a little suspicious use the 'sandbox' feature of Avast(or other program) it will isolate that instance of the browser and make it almost impossible for it to do anything dangerous. I'm not giving up my porn, HELL NO :P
-read the fine print when installing anything. Even legitimate software will often try to sneak in extra tool bars and things you
don't want or need, which are often tailored not to be useful but to serve you advertising and track you. Always do 'custom install' and look for any sneaky 'extras'.
-never dl anything from the website CNET. CNET is a cautionary tale of how companies/websites that were once legit can sell their good name out to the maleware pimps.
-use strong (random/unguessable/long) passwords and never use the same password for different things.
-be sure that if any hardware/software you got came with a default password, that you change it!! Still to this day big companies are falling victim to this type of attack.
-automatically distrust any program that wants you to install it to give you better security or to 'boost your computer's performance' unless you have a way to know that it's legit. Almost always those will be a threat to your security and slow performance, ironically :P Only use ones that are tried and tested and well known to computer experts, such as the ones I mentioned.
-optional
-avoid sites like facebook(they make a complete joke out of your privacy), but if you want to use them be aware of the privacy settings and use enhanced log in protection.
-disable 3rd party cookies in your browser. You might need to put
google.com on exception in order to use some features of youtube, if you use chrome. I put this in optional but I'd really recommend it.
-use a wiping program like CCleaner, to securely erase deleted files which also removes unneeded files cluttering up your HD.
- disable java in your browser (homeland security recommendation) Java is rarely used now and is a security risk.
-doing a clean install of windows once in a bluemoon will give better security and performance
The most important thing of all imho.... backup your data to somewhere or something not connected to your computer.