Software firewalls are close to useless against a serious attack. The best option is a router or an old pc dedicated as firewall with linux and iptables.
If that's not an option for the time being, just use the default windows firewall.
http://support.microsoft.com/kb/283673

The best thing you can do against malware in general is still not running as admin unless you need to. - I think it's called 'restricted user' or something - you can just set it back and forth in system - users. And set a password for the admin account at least.

Only download programs from download.com, sourceforge, freshmeat... sources you can trust.
bigboobsteenanaldildosexasianshemale.com is not a trustworthy source

Do the windows updates regularly. I know lots of people just disable them - set it to "notify, but don't download or install" - and install them asap after they're out. Same with software updates... update your programs regularly - especially those that are use a network connection.

Whoever said it: chkdsk is a good idea. Also inspecting your HD's health every now and then, especially if you're not using a raid 1, 5 or jbod array. - You'd be shocked how much data is lost on a regular basis. It's only thanks to the self-healing ability of drives that these things work at all.