One suggestion I've read about is to have a second computer that's never connected to the internet (ideally, it doesn't even hard the hardware to do so) and you encrypt/decrypt off that computer only. Then your "regular", internet-connect computer you use to send and receive files. Assuming you can get your friend to do the same thing, then you'll defeat a lot of possible exploits, keyloggers etc.

I also almost never use Windows. I have it installed on one machine right now which I almost never use, once I get important files off the machine I plan to wipe it and install GNU/Linux which is what I normally use. Open-source and almost never targeted with viruses vs. tons of security holes and allegations of numerous backdoors and vulnerabilities with Windows.