Security Help

Hi,l have Avast(free version) installed and Kerio Firewall.
1.ls it worth the money to get a antivirus program and which one,l was deciding on NOD32 or Kapersky.
2.Should l also get a anti-trojan program like TDS-3.
3.Thirdly should l get the paid version of Process Guard.
The reason l'm asking all these questions is l have a bit of money now and l do my banking on the internet.Thanks in advance for any help.

 

Hi Mollyman, welcome to Wilders.

As your questions relate to more than Nod32, I have shifted your thread here.

You may want to take a look here. As well there are discussions on security software here and even more here.

Hope this helps...

Let us know how you go.

Cheers

 

Depends what you use your PC for. Nice post by Paranoid2000 in a recent thread:

 

Or looking at the above post a different way...if you do P2P networking, surf pornsites (or any unknown site really, but porn mostly), download unknown programs, and do internet banking/purchases and/or have business/financial data on your computer ...then you want rather tight security. The less you do of any of the above, the less you need in terms of real security (ie. If you only visit trusted sites, and don't download anything untrusted, then you are fairly safe with minimal security).

I'm presuming you have a good firewall. if you don't it's absolutely essential (plenty of good free ones out there. I use ZoneAlarm).

The other posts in the above links cover most of your other questions. If you use IE, most recommend switching to mozilla firefox, but you you choose to stay with IE, then IE-SPYAD (free), Spywareblaster (free), a HOSTS file (free) and enhancing your IE security settings (see http://www.spywarewarrior.com/uiuc/main-nf.htm half way down the left column for a IE/Firefox security guide)

The PG forums here in wilders have lots of useful discussions about PG (seeing as many new people ask if PG is for them).

 

As long as you're not downloading and running executables, P2P presents no great risks (AFAIK - I started a thread on P2P and security and it hasn't produced any devastating revelations).
Equally I've never understood the safe surfing recommendation for people who have made the switch from IE. If you go unsafe surfing you'll come across a few trojans, which an AV with http monitoring should pick up. If not, you'll get a dialogue asking if you want to download the trojan. There's no harm in downloading a trojan, or having one in the browser's cache. As with P2P, to get infected you have to execute the malware.

Of course, I can see the sense of those recommendations as general maxims for new users who may be unaware of potential pitfalls. User awareness is the key.

 

You're quite right that executables are the biggest threat in P2P downloads (one test found about 30% of them contain either a virus/trojan/worm, or a combination of them). Virii are probably the only main danger in mp3's etc.

"If you go unsafe surfing you'll come across a few trojans, which an AV with http monitoring should pick up".... many AV's have a poor trojan detection rate. Then there is spyware.

Some spyware/trojans like CWS download/install automatically through ActiveX, normally from porn sites, and are very difficult to remove.

Other worms/virii use Java vulnerabilities to auto download.

Simply, the more combinations of risky habits you have, and the more info on your computer you need to protect, the better your security needs to be.

 

Interesting statistic, confirms my fears.

I don't think anyone's embedded malware into mp3s yet. There is an issue with WMV and WMA files, detailed e.g. here. It's worth noting that the mechanism described still requires user confirmation to get infected. User awareness would instantly flag that as suspect.

Okay, but the user would still have to execute the trojan.

- if you're using IE with lax security settings.

Zero-day exploits? I can't decide how much I should be concerned about those.

I hope this doesn't come over as too argumentative; really I'm still trying to work out my security needs. I do feel that well before a user has accumulated sufficient knowledge to make effective use of behaviour-blocking security software (too sophisticated for me, I'm afraid), they know enough to avoid infection anyway. I can see that some people will have a legitimate and valid need for behaviour blockers, e.g if they're in the business of testing software from unverified sources. And security concerns aside, they're useful tools for analysing how software and Windows work.

 

1. I would get KAV if I was doing online banking. It's about the best AV out there that detects not only viruses but much riskware that other AVs would have a hard time finding.

2. I would definitely have an anti-trojan (actually more than one) if I was doing online banking. Some good one's I would recommend are Ewido & A2. As for payware I like BoClean. But remember, if you do go with KAV over NOD32 you will have better trojan detection. If you choose NOD32, I would have two or three anti-trojans to better cover NOD32s somewhat poor trojan detection. But regardless it's a good idea to have at least one anti-trojan if your doing online banking.

3. Yes, get Process Guard. It will provide you with the kind of protection you need. You may also want to consider Prevx along with PG, I would.

I would also get an anti-keylogger of some kind. Realtime would be preferred. Snoopfree is a good free anti-keylogger. Again more than one anti-keylogger would be the best. Perhaps one realtime and one for backup manual scans. This is VERY important if your doing online banking.

 

Where exactly are you referencing this from?

Cheers