Hello MDRockstar and Welcome!
Real time protection:
CIS is a very solid product which should keep you safe... If you have the time , you can follow
this guide to better configure CIS to see if you can increase your security.
Additional browser protection:
It's time you start using a password manager ,this won't just make your life easier on the web but it will also increase your security as you'll be able to use very strong passwords thus better securing your online accounts.
LastPass (Free) -
link
LastPass is an online password manager and form filler that makes web browsing easier and more secure.
You can install the bellow add-on so that any downloaded file via Firefox will be checked with 43 AV engines from Virustotal.com
VTzilla (Free) -
link
VTzilla is a Mozilla Firefox browser plugin that simplifies the process of scanning Internet resources with VirusTotal. It allows you to download files directly with VirusTotal's web application prior to storing them in your PC. Moreover, it will not only scan files, but also URLs.
The scanning options are embedded in Firefox's context menu and download dialog, making the analysis process as easy as clicking a single button.
Virtualization:
You should give Sandboxie a try, really useful when opening to unknown/suspicious apps or going to shady/unknown sites (not that you should do that ..but it happens sometimes in real life)
Watch the below video with Sandboxie at work :
Sandboxie (Free/Paid) -
link
Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.
Extra protection:
EMET 2 (Enhanced Mitigation Experience Toolkit) (Free) -
link
EMET provides users with the ability to deploy security features built into Windows to arbitrary applications. This helps prevent vulnerabilities in those applications from successfully being exploited. DEP, SEHOP and ASLR are such security features, if you want to learn more about what they do, you can watch this
video from Microsoft TechCenter. To configure EMET you should follow this
guide by rationallyPARANOID.
You should always have in mind that the first line of defense on any system is the USER so you can really decrease the changes of an infection by practicing a smart online behavior.
Read : http://malwaretips.com/Thread-How-to-avoid-malware
Again welcome! As for you girfriend config , you can start a new thread as we need to know her General computer knowledge,Level of security risk,Operating system,OS architecture.. etc...