I'm a computer systems administrator (among other things in the IT field) which means I handle servers and networks, and sometimes I have to spend a lot of time cleaning up malicious software off of desktop computers.
Nowadays, it's not enough to run just an anti-virus program.
Look at MalwareBytes Anti-malware. The free version is usually more than enough. Most of the garbage out there is more malware (scareware, ransomware, etc) than virus. An Antivirus product won't deal with malware in most cases.
As a general rule: Never pay anyone for something you didn't ask for. scareware and ransomware are what I'm talking about here. You suddenly end up with "something" on your computer, and it's saying there's something bad, and it will remove it if you pay them. Don't. Remove it, and use your AV program and Malware scanner to make sure that all traces are removed.
And please avoid Norton. Out of 20 computers that I remove real viruses from (not malware) easily 17 of them will have up to date Norton products on it. I think they spend significantly more on their marketing than they do on Research and Development.
Microsoft's Security Essentials is working really well for me and my clients. It's also free.
Macs are almost as vulnerable as PCs, if they're used incorrectly. At the end of the day, you can do the least damage to a machine, Mac or PC, by running as a limited or unprivileged user. More often than not, you'll find that Windows has set you up as an Administrator. This is unsafe. Some people will run as a privileged user on a Mac too.