One of the computer support questions we get asked a lot is "If I have Antivirus software installed on my computer, how did I still get a virus?"
The first thing we'd want to confirm is that you're getting regular antivirus definition updates. For your Antivirus software to work, you need to constantly get updates for the latest threats. Years ago, these updates came out once a week, now updates are issued many times a day. Another thing we'd check for is that typically the free versions of Antivirus software don't have "rootkit" protection - to protect against software designed to conceal adminstrative control of your system - your antivirus software needs to include rootkit protection. Another thing we'd look at is your operating system - Security patches should be kept up to date, and the newer 64-bit Microsoft operating systems have mandatory signing of kernal-level drivers to help prevent concealed processes, but this isn't fool-proof either.
The latest threats involve what's known as polymorphic viruses that change themselves to avoid detection. Its like a mutation. This is how viruses can stay ahead of Antivirus protection and users can do everything right that they're supposed to do, but still get a virus. Unforunately its basically a game of cat-and-mouse - as the protection gets better, the threats get more agressive. Bottom line is that you can minimize your risk level with regular antivirus definition updates, up to date rootkit protection, up to date operating system security patches and a 64-bit operating system, but the risk is still there.