Granted antivirus is a filtering service. If you can avoid the download, browsing is downloading, then you have nothing to filter. Try keeping to known safe sites. Unfortunately, even safe sites can at times get infected. I supposed it's possible to use hardware appliances, in addition to software services, to filter internet traffic well enough to avoid infection. Although I've never enacted such a web or series of filters, each one finer than the last. Each tasked to filter out certain traffic and allowing the rest to proceed, all starting with DNS filtering. The idea is that not too much is filtered at any one junction and load-leveling the process so as to maintain both adequate protection and speed. So through this process you, in theory, you could run virtually any OS you want, patched or un-patched. An idea that has been lingering in my mind's eye for a while now. This doesn't necessarily prevent trojan horses that can face filtering algorithms undetected.
I have NO interest in "upgrading" to Microsoft's latest Spam delivery OS.
But beyond all the "Push" content & ads trying to get you to buy stuff though the MS "Store", the interface is both clunky & ugly. On my 1.44GHz Win10 tablet, I can't even play videos smoothly (freezing every 5 seconds then racing to catch up) when I set my wallpaper to "slideshow" and the source Dir is on the network. SMH
As a power-user, I like having more bare-knuckle ability to customize/arrange my menus & add/remove items from the Start Menu.
If I must change OS's to upgrade to the latest hardware, I'm more likely to make Linux my primary OS (Wine does a decent enough job now) dual-booting to an unregistered "free" copy of Win10 for those few programs that absolutely need Windows. Presently, it's the reverse with Win7 as my primary OS and Ubuntu for emergencies.