This is a complicated topic, and there isn't one central thread about it, more like dozens. Furthermore, there is always a trade off between security and convenience, so it really depends on what you are willing to do. For example, I would tell you to ditch Windows, but most people aren't willing to do that, or have special requirements for using it. The simplest advice is to use Tails. It solves a lot of problems for you: it has a suite of torified applications and provides transparent proxying to protect against data leaks. It's Linux, so malware is pretty much nonexistent. It's portable, you can put it on thumb drive which can be flushed down the toilet in an emergency, but you also have the option of enabling a persistent volume, where you can save data like URLs (to protect against phishing) and strong passwords.