Install noscript, and use it to turn off plug ins except where you want them. My computer is set with a default deny policy for browsing the internet.
I have noscript, I block everything untrusted, including flash and iframe, I also have CookieSafe, and I block all cookies except those I want, and I have adblock plus to block all adds, and malicious tracking sites. NoScript will block almost all active content in Firefox. If that's not good enough install Opera, and configure it how you want it (Opera is easier to configure to block all content than Firefox).
You can always install Linux. That'll give you better security then taking your XP box off-line and transferring data with a flash drive.