Within a recent review computer protection programs, all vendor's were scored poor on XP. The vendors and testers claim that XP is not as secure as Vista nor Windows 7 rationalizing their lower scoring. All programs will fallback asking the computer's operator when they detect a questionable action, if the operator really wants to over ride the "trip wire" alert; they will allow it.
The main way these systems were infected appears to be poisoned websites viewed with Microsoft Internet Explorer. In 12 reasons not to use Internet Explorer, ever, ComputerWorld's Defensive Computing Michael Horowitz lays some clear reasons for avoiding this problem by just changing your web browser habit.
I use FireFox, Opera, Seamonkey, and Chrome everyday. I suggest for you to use one as well.