What is the best way to deal with malware?

Please let me know what techniques you've found useful to tackle the growing menace of malware.

Do you find techniques such as using low privilege for day to day operations to be something you can achieve? Running as non-admin should theoretically prevent malware from being accidentally added to your system.

How effective do you find anti-spyware software in picking up the presence of malware? Personally I think it's too late by then as the proverbial horse as already bolted. I'm keen to hear your views.

Please hit the "feedback / comment" button and let me know what you think. I'll use the input to dig further and will post something again soon.

Thank you.