One of the problems, IMO, with making recommendations in this scenario, is that it's hard to evaluate precisely what would provide benefit to a specific user without knowing a lot of details about their usage; generalizations lead to generalized advice and while very valuable, if you're looking to get some security solution specific to your friend's usage, that's a tall order.
I'm of the mind that regardless of the security solutions/software in use, nothing will protect a user from themselves. For example, if a user is easily convinced to turn off their AV then it won't matter; if they will open E-mail attachments, run executables they downloaded, etc. while following advice that it is a false positive and to disable the software, then what good is the software? Similarly, no amount of AV protection is going to protect somebody from falling victim to, say, the Microsoft Scam E-mails and stuff. That takes a sort of computer security literacy which has to be learned, and cannot be gained by merely installing security software.
Most consumer-aimed malware, I expect, is largely distributed by exploiting the weakest link; these aren't usually security exploits, but rather just giving the user enough rope to "hang themselves" with. Being security conscious means being aware of when somebody is having you tie a noose; an AV program is a tool that is intended to effectively warn you when somebody has you tying a noose. That can be useful, but it becomes less useful if a user can be convinced that they are lying. (The aforementioned "disable your AV before running this as it's a false positive" stuff.)