I don't have a router far less a "stealth mode NAT router" whatever that is, just an ADSL modem
The ADSL modem can often have a router / firewall built into it.
If you don't have a hardware firewall, you should. Especially one that allows you to connect multiple devices wirelessly or wired.
The router (filrewall) that sits between your cable / adsl modem and your PCs (it may also have a wireless network) must (by definition) be a NAT (network address translation) router.
This means that the router has a single public (routable on the internet) IP address on the "outside" and a private address range on the "inside" to allow multiple devices (your PCs) to connect to it and thence to the internet.
NAT on its own is a good first line of defence, Stealth Mode simply means that the router doesn't reply to incoming requests on closed ports - e.g. ICMP PING requests - originating from the internet, instead of simply rejecting them (i.e. negative response). It's not actually particularly helpful or necessary, and in the case of ICMP actually in contravention of Internet standard RFC 1122.
In addition to NAT, most home firewalls have 2 further levels of defence - port & address filtering and stateful packet inspection (SPI). The first simply means that certain TCP/UDP ports (that support certain services, e.g. Telnet, FTP) are blocked, and also that IP traffic to / from certain IP addresses is or can be blocked. SPI is useful because it helps to prevent "spoofed" packets (e.g. replies to IP packets you never sent) from fooling the system into allowing them through.
This is a VERY cursory skim over firewalls, btw! As you can imagine, it's quite a big topic!
Rule of least privilege!
There are 3 levels of user accounts in Windows XP, User, Power User and Administrator. Running as a standard user means that your account does not have any elevated (admin) privileges, so that when the trojan / virus comes along to try to install some nasty on your system it is unable to do so. If you were running as an admin or Power User, it would be able to install the malware.
In Vista, MS removed Power User, and tried to force everyone into using standard User - howls of protest from the masses.
[RANT]
Lots of software writers were too lazy to code properly for non-admin accounts (legacy from Win 9x where security didn't exist), and hence much software won't run unless you are an admin. It's ludicrous, because all it takes is for the install program to ensure that temp / user files are placed correctly to be accessible to each user, not dump them into the Windows or Program Files folders (where standard users have read-only access).
[/RANT]
SD