There's no such thing as perfect protection. Even if you have the best firewall and antivirus software available, and keep it up to date, something might get through. But knowing how they'll get through can help you block them.
First, do you really have the best security software? Windows' own firewall, for instance, doesn't protect as well as a good, third-party firewall. I currently use Comodo's free firewall (there's a separate x64 version). It's an annoying product, constantly interrupting my work to ask if I should allow something or other to get through, but the security is worth it.
But just because you like a firewall doesn't mean you should go with the same company's antivirus software. For that job, I prefer another free program, Avira AntiVir Personal.
Of course, you shouldn't just take my word for it. Check out PC World's Antivirus & Security page for more information.
Whatever software you use, keep it up-to-date. It should do this itself automatically, but every so often, check it yourself. Avira pops up a notice every day when it's done updating. You can turn that off, but I choose not to. I like that regular reassurance.
And back up more than just your security software. Other programs, especially browsers, can let malware slip by in such a way that your protection never sees it. So keep your operating system and browser up-to-date.
Be suspicious. Don't click on a link in an email that might not be kosher. If a program you didn't install and launch tells you your PC is infected, assume it's about to infect your PC. Only download software from reputable sites. And every week or so, scan your hard drive with an alternative anti-malware program to get a second opinion.
You probably won't get hit if you do everything properly, but you might. New malware appears in the wild every day, and somebody will get infected with it before their software updates itself. That someone might be you.
Finally, if a scan finds something malicious, keep in mind the possibility of a false positive. I've seen it, where a program that had been sitting on my PC unchanged for years suddenly turned up as containing a brand-new, quite evil Trojan. It turned out to be innocent.
Read the original forum discussion for other people's suggestions.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.