I have tried several firewalls, but decided to go another route since I have a router. I liked Zone Alarm Suite and Pro but got tired of the problems and the kitchen sink syndrome. The threats are changing so I decided something radical, against the prevailing trend among geekdom. I decided to use the Windows Firewall in XP Pro SP 2, along with NOD32, Prevx2 (my outbound check), and Sandboxie, plus a couple of manual anti-Trojan and antirootkit scanners. NOD32 now has an antispyware component. The Windows firewall protects early in the boot cycle against incoming, if any gets past the router, so does NOD32, and Prevx2.
Run your browsers and email client sandboxed with Sandboxie and any malware that gets through the them will dissipate when you delete the sandbox. You have to willfully, with stupidity or ignorance and forethought allow some malware in. You have to willfully take it out of the sandbox onto your system.Prevx2 monitors Address Book, Creating a Server Listener, FTP Outbound,Hosts File Modification, HTTP Outbound, IRC Outbound, NetBIOS Outbound,POP3 Outbound, SMTP, TCP Outbound, and Telnet, this last I uninstalled; it also protects against Bypassing XP Firewall and monitors to see if it is modified; it also warns against a desktop webpage; it monitors MAPI services; that's just the outbound. It works well with NOD32; although you could use a free av like (in order of effectiveness) Avira AntiVir PersonalEdition Classic, Avast!, and AVG. But with Prevx2 almost any av will do, even ClamWin.
I use Mozilla Firefox and Thunderbird, and Opera (most secure browser out of the box without adding anything; although to you can, with extensions, do it with Firefox), K-Meleon, K-Ninja, and IE 7. Sandboxie supports all.