Get a firewall. I can very highly recommend the *free* ZoneAlarm firewall available for download here: http://www.ZoneLabs.com
Other firewalls are available – some far far better (like IPCOP Personal Dedicated Hardware Firewall) – and require minimal requirements to use them.
Where an antivirus program constantly scans memory or your system for “viruses” according to either actual viral fingerprints within a definitions file, or heuristic analysis of “virulent behavior” a firewall acts to monitor incoming and outgoing activity on your system, individually asserting rights management for each application either universally (e.g., allow outlook to always connect to the internet) or individually (ask whenever any inbound request is made to your NetBios port(s)).
The difference is between being re-active and being pro-active.
If you have a virus that does *not* operate within the guidelines that your antivirus product “expects” from a virus, then you’ll never know about it. Good firewalls will tell you whenever an application attempts to access the internet (outbound), and when another computer attempts to contact your system (inbound). If a virus cannot get *to* your computer it won’t be *on* your computer.
It is also important to add “localhost” and “127.0.0.1” to your “restricted sites” settings in Internet Explorer.
* Open Internet Explorer
> Internet Options
> Restricted Sites
> type “localhost”, click [Add]
> type “127.0.0.1”, click [Add]
Adding these two values to your “restricted sites” list forces any requests to html or script pages located on *your* computer to operate in “restricted” access. Some viruses will effectively copy themselves locally to your computer as a means of gaining privileges before executing themselves. If you have added your local system to “restricted sites” then those viruses will be unable to cause any harm without asking your explicit permission first. You should say “no” if they ask. <g>