I'm running Windows 7. I keep everything patched using Secunia PSI (score = 100%). I use the MVP HOSTS file replacement to block certain domains. I use Chrome exclusively. I basically use my computer for productivity tasks and surfing the web - nothing particularly risky. As far as anti-malware software goes, I have Windows Defender (integrated in Windows) and Malwarebytes. I paid for MBAM and I keep real-time protection on. Is this enough? Or might malware slip past MBAM and Defender? One more thing: I let UAC auto-elevate processes requesting administrative privileges.