The only malware I've ever had, was because I mistakenly rebooted my PC, with a floppy disk with a known boot-sector virus on it, that I was playing with.
I don't run AV software, although I've installed and run MBAM a few times just for kicks.
Actual, no that's not true, I did get a virus online once last year. It was on my HTPC, which was running XP at the time, as adminstrator (didn't want to bother with the welcome screen, since it was a HTPC). Went on vacation, came back, and was surfing pr0n sites, when I fell victim to the Help Center exploit. Pretty scary when command-prompt windows start popping up on your screen, doing who knows what to your computer. Well, it was my fault, I didn't go to windows update when I got back from vaca, so my computer was missing a few months worth of patches. I learned my lesson. Paved that system, and installed Win7, not for security, but because I couldn't get hardware-accelerated H264 decoding to work in XP at all.
I don't torrent or fileshare.
Practice safe computing, and your risks go way down.
(N.B. XP Pro is relatively bulletproof from viruses, perhaps even moreso than Win7, if you use a limited user account and enable Software Restrictions Policy. Then, even if a malware downloads onto your system, it cannot execute and take hold, not even in the limited account.)
Edit: I don't see how an AV software would have prevented the IE exploit for Help Center either, so that wouldn't have protected me, even if I were running AV.