As any computer security person will say security needs to have layers (like an onion!) to be effective. Plus even if you have a free AV (I personally like AVG) you can still get some of those supposed 'bell and whistle' features some AV companies offer when you pay.
- Firewall type behavior: why not jut GET a firewall? Comodo gives you a free firewall (its also AV) and even tells you when connections are attempted inbound/outbound. This will annoy people who just like to have a 'hands off' experience. Or those who got annoyed by Vista asking you permission to do things all the time. Microsoft also offers a free firewall for (duh) Windows users.
- Sandbox: When you sandbox an application, it protects itself (and other applications) in case something goes awry... like a buffer overflow. So in theory, if your IE gets pwned, it can't inject itself into other running processes. Google Chrome using sandboxing isolation by default to help prevent malicious attacks. You can run IE and Mozilla (or any browser) in a sandbox like SandBoxie to keep your internet browser 'isolated'. Consider it the black sheep of the family.
- Web Surfing: There are many sites you can visit which check the legitness of a website. McAfee has SiteAdvisor, Symantec has Norton has SafeWeb. However Web of Trust has a add-on for the major browsers which lists right next to the link if its been considered 'trusted' by the community (which anyone can join) and other sites (like PhishTank). AVG also offers this type of service as well for web browsing.
What I am trying to say is no matter what AV vendor you go for... you need to make sure you have additional features (host based or network based) to defend yourself.