For security purposes, use Adblock Plus, uBlock Origin, or equivalent. Use decent adblocking filters (EasyList, EasyPrivacy, Fanboy's Annoyances, Disable Malware, etc). Whitelist sites you trust if you want to support them (or consider a small donation instead if they have that option). Consider getting the element hider addon for ABP (or an equivalent feature for whatever you use), it's really useful. The shortcut to use it is ctrl-shift-F3 by default.
Consider using something like NoScript or equivalent and only whitelisting sites you trust
Failing that, at minimum, use an addon that blocks Flash until you click on it (Flashblock for Firefox, Chrome probably has something similar, you can accomplish this in IE by going into plugin settings and deleting the * entry from Flash's whitelist) and whitelist sites you trust that use Flash frequently (like YouTube)
Keep your browser up to date
If you have Java on your system, keep it up to date, disable any browser addons for it, and go into the settings and make sure it isn't set to be able to run from the browser. Also, up the security settings on it. Highly recommended: remove it entirely if you don't need it. I took it off my system a long time ago, the only extremely common application I know of that uses it is Minecraft, but I think there might be other builds of it that don't require Java. If you use SocketPunch, consider
FalconPuncher instead.
If you have Flash on your system, keep it up to date. If you don't power off your computer frequently, check at least once a week for updates (on Windows, Control Panel -> System and Security -> Flash -> Updates -> Check Now). I would say remove it if possible, but there are an awful lot of sites that still use it and I like my Flash games.
If you use Adobe Reader, keep that up to date. If you use an alternative PDF reader, keep it up to date, but it's probably less likely to be an issue. You might want to consider using one of these alternatives if you don't do heavy work with PDFs; I like SumatraPDF, personally.
Keep Microsoft Office or whatever equivalent you use up to date. If you're using office software that no longer receives updates, consider switching to LibreOffice.
Be timely with your operating system updates, don't put them off forever. Don't use a version of Windows that no longer receives updates, or at least don't use it connected to the internet or outside of a virtual machine.
Use a decent free anti-virus (e.g., Avira)
Don't run executables that don't come from sources you deem sufficiently trustworthy
If you must run such an executable, consider doing it with a program like Sandboxie or inside of a virtual machine
Learn what your anti-virus' and browser's warning screens look like. If you ever get a warning screen that doesn't match one of these, close it. If you can't close it, don't click anything, kill the process (in Windows, task manager -> processes -> firefox.exe/chrome.exe/iexplore.exe) and don't recover that page when you start your browser back up.
For installers bundled with crapware, there's usually a way to bypass installing it, but it's almost never obvious. Sometimes they put the button to bypass it in the wrong place or label it something weird, sometimes they force you to hit "advanced options" and check or uncheck a box, etc. Use your head. Don't use programs with these kinds of installers if you have other reasonable options, though.
Keep UAC on. At least have it on the second-to-highest setting. For programs that don't play well with UAC, try running them as administrator or in compatibility mode for Windows XP. Failing that, install the program to a folder in your user directory (e.g., "C:\Users\yourname\Apps").
If you get infected, Malwarebytes is pretty good at getting stuff out that regular anti-virus software has issues with. If you're infected with something specific, look up specific removal instructions for it. Frequently, someone like Kaspersky or Symantec will have a tool that removes it altogether, other times there are specific instructions that tell you exactly what you need to do to get it off.
