I would suggest that if one operates with a hardware firewall, good (regularly updated) antivirus and (crucially), not as an admin then one really has very little to worry about. AV should be set to on-access scanning, with regular full sweeps.

A SW firewall and anti-malware are good to have, but not as important.

Obviously, if one is using public access points with your laptop, then a good SW firewall is essential (not Windows, although it's better than nothing). And again, running as an ordinary user.

SD