Everyone talks about how people get infected but is there a guide around somewhere about how do I protect my computer from such attacks? I install all updates and I have an antivirus program but I don't know what else can I do.
Don't open dodgy files (like in emails), or if you must, do it in a VM.
Run adblock and no-script on your web browser, only visit trusted sites. If you must, use a VM.
Don't download and install software you don't trust. Either it should be a big company in the news regularly, have good reviews from people you trust, or it should be open source. If you must use a VM.
Backup your files regularly (and have offline backups, the data is the most important thing), reinstall your OS regularly (this gets rid of old and outdated software you don't remember; because I doubt you install all updates, have you updated Java recently? How about adobe flash or reader? How about the chipset drivers that likely came with your machine?).
I'm more interested in the passive infections where I get infected without my prior actions (some comments say it is possible). Java is not a good example because I program (sometimes in java) and it is always up to date. I uninstalled Flash and I have the automatic updates enabled in all software I use day-to-day. Doing regular re-installs is a good idea though. Thanks for the tip.