For those of you who keep having problems install a firewall. The one with XP only blocks incoming traffic, not outgoing, if you're already infected it does nothing to protect you from anything that might install more or use your bandwidth (and IP) for attacks on others.
Turn off the windows services you do not need, services such as Remote Desktop are extremely exploitable and the average person does not use this. If anyone remembers the sasser worm it would exploit this, using windows default " restart comp on service failure" to well.. restart your comp. On services you might need, set to manual start or restart service on service failure. This can have the added bonus of speeding up a comp a little too, as less memory is used loading and running them. A google search for terms like "unnecessary windows services" or "unneeded windows services" should provide you with a list of unneeded ones and settings for others, as well as where to find them.
Antivirus programs, Norton is generally consider bad, known for having "holes". Avast is good but can sometimes miss things or not be able to remove all the pieces, in which case manual removal as I mentioned before. It does scan certain commonly used ports as well, such as msn. I do believe Panda antivirus is suggested as a good antivirus as well.
It's usually suggested that people don't use IE, firefox and opera have popup blockers and are somewhat less targeted.
There's probably a couple things I'm forgetting
but those are a few that help the most. Doing this I've only had one actual trojan infection in 7 years, antivirus programs and firewalls have prevented the rest. Unfortunately an icky one called yazzle that was a bundle that installed other stuff made it through, I suspect it was embedded in an ad or in a post on a forum. It didn't stand a chance though.