A few things I suggest:
Secunia PSI. Keeps all your software patched for you, automatically. It will keep reader, flash, and java up-to-date before their updaters even realize they're out of date.
Google Chrome. Supports more mitigation technologies than any other web browser. DEP, ASLR, SEHOP are all supported. Also, Chrome uses integrity levels for sandboxing, much like IE's protected mode, and this
http://chrome.blogspot.com/2012/01/speed-and-security.html
Consider upgrading to Windows 7. A lot more mitigation technologies are available and enabled by default. You can enable more mitigation technologies by downloading Microsoft's EMET (Enhanced Mitigation Experience Toolkit) here
http://www.microsoft.com/download/en/details.aspx?id=1677
^^ Some mitigation technologies are not turned on by default for compatibility reasons. If you turn them on and all of your software works fine, then great, keep those settings. Just pick the "Maximum Security Settings" profile in EMET and if it doesn't work out, dial it back down to the default profile. ^^
Adblock Plus. Whatever browser you use, you should consider Adblock Plus, since a lot of malware spreads through infected advertisements. There's also a maintained malware domains list for Adblock Plus here,
http://adblockplus.org/en/subscriptions Scroll to the bottom.
Finally consider a malware filtering DNS like Norton DNS dns.norton.com or DynDns Internet Guide setup.dynguide.com.
--Ian