My post started from a talk I had with one of my colleagues that manages the company laptops which should be for "work only" yet people think that if they clear cookies and cache and history "no one will ever know". It was to make the point that most people don't really get the concept of security online (just like they used to share their whole C:\ drive including hidden folders from where you could dump their Firefox profile for example and get password, or the system password hash).
As for "where's the danger?", the more info I have on you the easier it is for me to find a point of entry: be it shitty security on one of those websites, social engineering or just paying someone from the inside to give out your data, but yes, I agree that this is a very targeted attack and wouldn't be made on a random person on the internet.
It's like KavazovAngel who runs as admin without password since he's the only user on the machine despite this leaving him wide open in case he doesn't have remote assistance and remote connections off which can be exploited to gain access to the machine: had he had a password it would of been another layer after that; couple that with user lockdown after, say, 3 wrong log-ins and it would be even more secure.
Or Drat, who despite using a firewall, chooses not to leave it on auto-update which can lead to exploits between the time a patch is released and he manually updates, not to mention continuing to use a security product that in his own words is buggy. Or how he has an antivirus program but keeps it off most of the time: if you scan after you've been infected most chances are that you won't find anything - the whole point of modern day antivirus software is to find the malware before it gets run as cleaning it afterward is more complicated and may not have the desired effect of completely removing the virus.
I don't consider myself paranoid about security, I just take it seriously as I (1) have personal data that wish to stay that way and (2) must adhere to company security regulations as an infection on my remote machine could mean compromising the whole server farm (unlikely again, due to the security measures on their end, but the whole point is to minimize the vulnerable area of the system).

Avast! Free. Each week I use CCleaner, Spybot S&D.

virtualbox -> revert to snapshot

Windows Vista with microsoft security essential and windows firewall.

Eset Smart Security 4, and I've never had issues.
Either there haven't been any virues, or there haven't been any reported viruses.

COMODO Internet Security, AV, Firewall, Sandbox, VPN, it can be extremely paranoid, but it's nice to know what's being changed in your computer, and I have several times had good use of it, especially because of my class"mate" who keeps trying to install his trojans and other fun stuff on my computer...

I use Avast! as my AV - been using it for a couple of years now, always worked magically, with minimal system slowdown.
At the moment I'm uing Windows Firewall, but may be switching back to ZoneAlarm Firewall since their free version has launched (my security suite subscription expired).
Other than that, my router itself is firewalled and configured for a variety of different attacks. In windows I also use Spybot as well as its built-in TeaTimer for registry monitoring. Think thats about it... well... apart from the most important security feature:
Our own intelligence. People often overlook this one. If you keep it up-to-date it stands a good chance of stopping many phishing and malware attempts :)