While its always hard to add anything to the always excellent advice of Schradenfroh, I might add that having the extra protection layer of some process control program with a host file does give you a back up to-----While it has excellent real-time protection, it does lack pop3 scanning. If anything tries to execute, the real-time protection will most likely catch it (assuming it is running & configured properly & the main program can detect it).
The point is a process control program will intercept and seek user permission before it allows something that slips by to execute---something like process guard, win patrol, cyberhawk, or spyware terminator are just four in a much longer list of available choices.
Even though there is almost no agreement among experts on what is the best security set up, its the novice that is most in danger because its the person that sit in the chair that is always the greatest vulnerability in any computer. So user education is probably even more important than the software used.
Fortunately this forum has excellent advice from people like Schranfroh, John, and Mech Bgon who all have compiled excellent guides. Its always important to review any programs you use because some are rouges that are worse than useless. And install malware so make sure whatever you choose is not a rouge.