It seems to me that a reactionary approach to the malware problem is doomed to fail from the beginning, and that there must be a better way. And indeed there is, or at least I think so.
The solution is to change your way of thinking from accepting that malware will eventually get onto your system and devising a plan for dealing with it, to trying to prevent the malware from ever getting onto your system to begin with.
Don't get me wrong, it's good to do a little disaster planning, and to be prepared if the worst happens, but why not focus your energies more on preventing the disaster from ever occurring?
To that end, I've borrowed some excellent tips from someone else. The beauty of them is that they're all very simple, and following them nearly eliminates the threat of malware. It's up to you if you want to follow any or all of them, but the more of them you follow, the lower your overall risk.
1: Don't use, with the lone exception of getting new security patches, Internet Explorer or any browser based on Internet Explorer. Make a choice between Opera or Firefox, and avoid IE like a diseased animal that should be put down
2: Avoid using Outlook and Outlook Express
3: Avoid all file sharing programs
4: Avoid all pirated programs
5: Make sure to keep current with all security updates which Microsoft tends to release every second tuesday of the month. It's the one and ONLY time you should be using Internet Explorer