As Bob said you need more than simply a software FireWall. they are not infallible, generally they keep out malicious/harmful content that has not been initiated by the user.

Much of the, malware/trojans/spyware/adware/hijacks, that finds its-self on your computer (passed your firewall) has probably been as a result of deceiving the user to inadvertently click on a link/download a piece of software (with a hidden payload, p2p, etc.), this is allowed to pass as it is done/initiated by the user.

Don’t just rely on one level of defence, you have to have defence in depth.