As other people have pointed out, running a firewall is only part of the solution.
Assuming the firewall is active (i.e. it has not crashed or been shut down), you will detect things like sub7 - the problem being if the firewall has shut down without you noticing.
Having an anti virus scanner is a good idea, as it will detect things like sub7 before they get installed on your PC.
You can also add an extra degree of protection by being careful about which email attachments you open, and by setting your browser options appropriately - e.g. prompt for all ActiveX controls etc.
I'm not convinced that running multiple firewalls is a good idea, as they often conflict with other, which in some cases can make your PC easier to hack!