AV nowadays is less important now. Patching the OS and software applications is the number one important step to keep in mind here. And a firewall with HIPS.
There are also Group Policy settings in Windows also which is overlooked. Of course, An average PC user would not think of this. But well worth the effort to lock down the OS and IE browser via the GPO Editor.