Hmmmm...I don't really run any tweaks related to security. I used to run with a LUA on my work laptop...but found that it wasn't really doing anything beneficial for me. The other machines where I don't use a limited account seem to be fine as well.
I leave UAC enabled (although not on high), and I use the Windows 7 firewall along with my hardware firewalls (at work) and my NAT firewall (Linksys router at home).
With regards to AV, we use Trend at work, and I use MSE at home. While neither product seems to really ever find anything on my computers, i guess I don't want to go completely head in the sand and have something crop up which "might" have been preventable.
The number 1 thing which I changed which pretty much stopped problems from happening for me, was getting away from piracy of any kind. Once I quit searching for activators, serial sites, warez sites, commercial software keys, and software which I didn't pay for...it seems to have reduced issues by about 99.99%. And I gave all of that stuff up 6-8 years ago.
I keep mbam around, although it pretty much never finds anything. I also run Spyware Blaster from time to time, from Javacoolsoftware. SpywareBlaster® | Prevent spyware and malware. Free download.
. However, I'm unsure if that has really prevented anything either.
The #1 thing I do to keep my machine as light as possible, is that I test and play with software exclusively in a VM. And I load only what I absolutely need on my desktop. This keeps it fast, and keeps plenty of space on my limited space SSD for the OS. Any of my questionable web surfing (like when work forced me to try to jailbreak an iPad), is usually done within a VM running sandboxie.