Although running a sandbox environment is ok, it does not prevent all malware attacks. The best defense is to have a good layered security with an AV, firewall and on-demand scanner. It will save you from all kinds of attacks wherever they may be coming from. There are actually some malware that's designed to attack sandbox environments.
i always have my firewall and standard AV running and i have my scans scheduled every night, but i figure most people in any way serious about protecting their computer already do those things.
i just mention it because a lot of people seem to have never heard of sandbox and for me it has been the biggest difference with any of my setups. my previous computer had everything BUT sandbox and it ended up occasionally having infections, whereas with this desktop, same software, but with the addition of sandbox has allowed it to stay clean.
anyone that uses the internet should always use the layers you mention, especially since all you muhfuckers are surfing around some sketchy websites.
