AV is really a second line of defence. Basically, we're well past the point that signature scans can keep up, and heuristics can only do so much - the more you increase the sensitivity, the more false positives it generates and confusion sets in.
I've found the best primary defence is a good personal firewall. At the risk of being accused of shilling, I've found Comodo free version an excellent example for Windows (caveat: haven't used it for a couple of years now) - it keeps track of all processes and files that are requesting stuff over the network. It always alerts when a new event occurs and asks for your blessing before allowing it. It picked up stuff that went straight through AV - and submitting what it alerted on usually returned a new malware variant when vendors looked at it.
This is not a reason to not run AV - but a reason to think of firewalling as your primary protection.