I think using both software and hardware firewalls is good. The software firewalls tell you if you caught a Trojan because they monitor suspicious outbound traffic packets from your computer (something that the built in MS firewall dosn't do BTW.)

I would go with Zonealarm or Sygate or something like that that has been around awhile and has a lot of happy users. With security you want the tried and true.