There will be plenty of information from professionals on this matter, and there are so many products that I will simply not cover many. Instead here is a breakdown of what you should need, and some guidance on other factors.

Anti-Virus

This has been the big one for a long time, the web can be swimming with all sorts, viruses, trojans, worms – its a regular menagerie of the digital kind. So the anti-virus (AV) is there to try and prevent this, crucially, some provide more than just AV capabilities; though my personal preference is to avoid this sort of situation of one service provides all.

The major take home factor is that you will not need more than one AV program installed… installing multiple will slow down your system and potentially cause collisions or issues between them. Its worth doing a great deal of research on these; there are decent free options out there (Avast! and AVG being prime options).

Anti-Malware

It sounds similar to an anti-virus, indeed they aren’t that dissimilar – and it may be that the Anti-Virus already intervenes here. In short though, Windows will install its own named Windows Defender. I’ve also installed Malware Bytes Anti-Malware (MBAM) which has often caught what the others have missed; this doesn’t have any sort of shield mode in the basic version, but does offer powerful scanning and removal functionality.

Firewall

Arguably, if you have decent networking equipment you should already have a Hardware Firewall, that said a software firewall provides that extra line and is more visible than something tucked away in a blinking box. Windows also comes with one named (imaginatively) Windows Firewall, and after trying third party firewalls, I’m not sure any other is necessary. It should be suitably secure for a normal and safe user.

 

Best Defence

But the problem with all of the above is it can give you a false sense of security; anti-virus/malware are useful if you’re attacked, firewalls can prevent direct access but can be circumvented. Think of it as minimising an attack surface (or reducing the number of vectors), the main weakness is going to be how you use the internet. Those being social engineering if you use social networks, emails, and browsers.

Links in emails, third-party browser plug-ins or extensions (think Flash and Java (not JavaScript so much)), these can offer ways and means to get into your operating system. So I’d suggest looking into NoScript/uBlock and their ilk, or at least setting flash/java to ask permission to run and being conservative about how and when you allow them.

And of course a healthy dose of user caution never goes amiss, don’t blindly click all links sent to you by email or chat client.