The "correct" answer is: "Yeah, boot BSD or Linux"

Seriously though, "Windows XP SP3"??? That is very outdated, so upgrading to Windows 7 would be a security improvement. Windows XP was released in 2001 and obviously its core development took place before then. The service packs are mostly comprised of security patches and bug fixes, although SP3 did make it more SATA aware.

Windows 7 is pretty good in that it doesn't actually let you run as administrator even though you log in to an admin group account. You have to do it proactively.

No mention of wired or wireless internet connection? Wired is more secure IMO in that it eliminates one potential attack vector?

Run Secunia PSI and FileHippo Update Checker. These will tell you if there are security patches for your OS and applications (Secunia) and updates for other stuff such as security software.

Use CCleaner to eliminate data remnants and garbage heaps where cybercriminals like to hide their stuff.

Turn off your computer when not using it and/or disable internet connectivity when not needed. If you aren't there you cannot be seen or attacked, and, if your computer isn't always on, it presents less of a time window of opportunity.