Software Restriction Policy, available on XP Pro machines only, as the Group Policy Editor is not part of XP Home, is also a good layer of security. However, unless you're an undeniable expert user or an Einstein, you'll have a lot of "fun" trying to figure it out.
Simple Software-Restriction Policy is, like the name says, simple to use. The script provides an automated configuration which should suit most standard Windows setups (but can be customized at will). It also works on Home versions of Windows, where Group Policies are not available.
Only download software from its original developer's website, or from reputable download sites. Using a Firefox add-on called VTzilla from VirusTotal is another layer of protection to make sure downloads are safe. Scan the downloads again with your computer's antivirus before opening or running them.
WOT is another useful browser add-on you can use.
You can also use OpenDNS instead of your ISP's DNS servers. They're usually faster, more reliable and secure, especially against phishing scams.
Stay away from any type of file sharing applications (P2P, torrents...).
Avoid software of a questionable nature, especially free software, like YouTube downloaders, DVD rippers, screen savers, etc., which all include spyware or adware or toolbars or whatever unwanted applications... Some will let you choose whether to accept their installation or not, others will not ask for permission...
Don't forget to update software, especially Flash, Java (or even remove Java), PDF readers... The OS is far from being the only thing that needs to be patched... This is just as important on Windows Vista, 7 or 8...
Make sure your important data is backed up safely. Making a full image backup of your entire system and an emergency rescue disk is not a bad idea either and might come in handy.