Really depends a lot on how you use your system and how much you want to learn about firewalls.
Many still swear by the Windows firewall or a NAT router only, which give excellent protection against inbound threats, generally with no/little configuration and maintenance. The Vista firewall even has outbound protection which can configured simply using a program called "Sphinx".
In terms of the software firewalls, this is where you start getting into the more advanced outbound protection and tailored inbound protection.
Zone Alarm Free is generally considered the simplest to use, gives adequate protection. I have used it, my wife uses it now.
PC Tools Firewall Plus is also highly rated, but I haven't used it
Online Armor Personal Firewall is what I use now, gives excellent protection and is not too intrusive. Has some specific features valuable for wifi users that got me to invest in the paid version.
Comodo Internet Security I have used in the past, and it is a bit more complicated to use and maintain, but also gives excellent protection. May teach you more about TCP/IP and firewall maintenance than you want to know, but new releases tout improved usability. Now a free suite, but you can install just the firewall and the HIPS (Called D+).
And I have also used a bunch of others that generally were OK too, some overly complicated, some with free versions with too much missing from the paid version, some I just didn't like as well as another.
Sites like
http://www.matousec.com/projects/firewall-challenge/results.php rate firewalls for what is known as "leak protection", or ability to block outbound malware that gets past the AV. Because of time delays between discovery and protection, there may be a period of vulnerability if you are unlucky and get hit by a virus no one has seen before. Leak Protection, usually provided by a HIPS (Host Intrusion Prevention System) looks for malware by monitoring programs and alerting you if they take actions that might indicate they are malicious. Unfortunately, a host of your usual programs may also take those actions, so they basically give you an alert and let you worry about whether the program is malicious or just doing what you told it to do, like install or modify something. So firewalls usually contain a HIPS these days, some more effective than others. If you do things like P2P or visit porn sites and warez sites, you are a high risk user and really need to worry more than the normal user, but a good HIPS should protect you along with your AV.
So tell us a little about your internet usage and maybe someone can be more specific. But any on the list above (and others may have different preferences too) would be a good choice as a free firewall. And it is important for you to try a firewall out and see if you are comfortable with it anyway-all have some learning curve.