The free offerings from AVG, Avast, Antivir and Microsoft are all pretty competent, as are most of the ISP offerrings.
Do not be tempted by Comodo's free suite, as the antivirus is inferior to all the above.
There are other things to use, such as the safety options in a lot of browsers (avoid hitting KNOWN badsites).
Threatfire is another one worth looking at as an additional protection.
And "Close security holes" generally means keeping updates current, particularly on all Internet exposed applications, there has been a recent security update for Adobe PDF reader, for instance.
Also, where possible, replace vulnerable applications with less vulnerable, for instance, Pegasus mail has a reputation for threat resistance, though with sensible settings, even Outlook Express can be made more resistant, by defaulting to plain text, or restricted zone.
Foxit Reader is potentially more secure than Adobe for PDF
Basically, your antivirus should be the last line of defence, not the only one - if something hits that, it's because your own caution and safe settings have failed.