New to Avast

Hi everyone, I am new to Avast and have come here seeking advice on how to protect my computers. I have used paid internet security products and free ones as well. I am currently using Norton 360 on a trial basis and is almost up for renewal. I need advice from you guys and gals about what you recommend in addition to Avast free edition for complete protection. I am seeking the best all-around protection possible using free software. Can any of you tell me what you use in addition to Avast Free Edition to protect your computers from the various threats from the internet. I have Vista Home Premium 64 bit and I use online banking, and I do more than the occasional internet surfer. Thanks in advance to those who can help out with recommendations. :wink:

See my sig. :wink:

Other signatures are available ;D

Absolutely…! ;D

if ur an advanced user (in that u can handle many pop-ups), u might wanna consider hips (host-based intrusion prevention systems) eg. online armor free, comodo firewall (also free) sources: http://www.online-armor.com/products-online-armor-free.php, https://forums.comodo.com/news-announcements-feedback-cis/comodo-internet-security-5102282572253-released-t82809.0.html

do note that comodo firewall cannot provide outbound protection with avast v7 due to avast causing a bypass (acting as a proxy form apps on ur system to connect to the net)

if ur a average user, just use windows built in firewall and consider ‘hardening’ ur browser with certain tools: 1. Adblock plus https://chrome.google.com/webstore/detail/cfhdojbkjhnklbpkdaibdccddilifddb (only for firefox/google chrome) for IE, please upgrade to IE9 and get tracking list protection http://www.iegallery.com/en-US/trackingprotectionlists

                                                                                                                     2. i use avg linkscanner ([b][u]NOT[/u][/b] the [b][u]antivirus[/u][/b], just the sole component provided separately), to provide multi-angle coverage of exploits on top of avast's own protection through web shield and script shield. source: http://free.avg.com/us-en/linkscanner

                                                                                                                     3. u might wanna try EMET, see article here on how to use it http://www.dedoimedo.com/computers/windows-emet.html (basically it helps reduce potential damage caused by any form of exploit that manage to bypass avast and avg linkscanner. source: http://support.microsoft.com/kb/2458544

hope this helps ;D

Since you do on-line banking, you may consider to purchase Avast! pro or AIS which have " Safe Zone " and will give you total isolation from the outside while you do your banking transactions.

If you can not, You need a good firewall with HIPS. Already mentioned above by AntiVirusAseT. I also recommend Malwarebytes’ free for on demand scans ( second opinion ) and KeyScrambler Personal to keep your PINs encrypted.

http://www.qfxsoftware.com/ks-windows/which-keyscrambler.htm

BTW see my sig ;D

Apart from the tools already mentioned:

USB-set by Loup blanc immunizes your USB drives by placing an autorun.inf directory on them. This thwarts Windows’ autorun feature.
http://forum.zebulon.fr/usb-set-version-151-t173063.html

English text, but seemingly not the latest version:
http://www.spywareinfoforum.com/index.php?/topic/128367-usb-set-14/
https://www.geekstogo.com/forum/files/file/378-usb-set/

Bitdefender has a very similar tool:
http://labs.bitdefender.com/projects/usb-immunizer/overview/

In Firefox (did not investigate other browsers)
HTTPSEverywhere and HTTPSFinder; install as add-ons.

I disagree with those addons because avast web shield does not scan https making you vulnerable to infected webpages.

@RZPogi: gd catch. thats true - avast web shield cannot scan https due to encryption which is the nature of this protocol.

quote wiki: Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol (HTTP) with the SSL/TLS protocol. It provides encrypted communication to prevent eavesdropping and secure identification of a network web server to know which web server you are really talking to.

source: http://en.wikipedia.org/wiki/HTTP_Secure

it is not feasible for web shield to scan https as that would require decrypting SSL which itself should take a lot of computing power, not possible from personal computers. w/o private/public key used in encryption.

Thanks for the clarification, I did not realize that.

But then, isn’t it a choice between two evils: either no https and vulnerable to a man in the middle attack, or https and vulnerable to infected web pages?

Regards

yes, u have to choose between the 2 evils, but the choice really depends on what is more important in a particular connection between the client and the server.

i will try to explain…hopefully it is correct

non-physical computer security consists generally of the following components: privacy of data, integrity of data, accessibility of data, authenticity of parties involved.

now consider 2 possible scenarios: 1. i am doing online banking 2. i am viewing a favourite hobby website

in case 1, my personal details are critical - it should not fall into the wrong hands at all costs (man in the middle attack),thus not easily accessible. i will therefore prioritise protecting the transfer of data through encryption.

i do not think that an infection should occur on a https page…this is because encryption like https have to be always verified by a trusted third party certificate authority under normal circumstances (eg. verisign). basically, verisign verifies that nothing is changed/modified…thus the verification shall be void if anything is changed.

the only way it might happen is when the private key (eg. from the bank side, is stolen and used by crooks) that case, the certificate is said to be compromised as the private key which is supposed to be owned solely by the bank is now in the hands of crooks or who ever not verifiable.

in case 2, no personal details should be shared, therefore it is not needed to encrypt the page (privacy, integrity of data is not critical here. neither is authenticity) eg. an insignificant person can create a webpage and talk about different breeds of dogs and a visitor can just come by to view the info he posts.

in fact, i think forcing https on every other webpage is bad… this is because i am encrypting the connection between the client and the server, but who is to verify who is the server? i could very well be encrypting a connection to a crook’s server…whereby the crook can than transfer malicious files to me securely? this leads to my antivirus not being able to protect me as nobody can check on the files being transferred from server to client - it is encrypted! so unless u can tell me that for every website u force a https connection is verified by a trusted third party certificate provider, i would not want https everywhere…

thus, for casual websites, i think http is the way to go, and that way, ur antivirus can take charge to try to protect u.

(anyone, if theres any mistakes, feel free to correct me) :slight_smile:

edit 1: real world potential abuse of https connections: https://secure.eicar.org/eicar.com (note this is a test file to see if ur antivirus works - it is not a real threat) u should see that web shield of avast does not block this eicar test, only after the file is downloaded to ur system, then file system shield catches it.

Check out these links. All work and play well with avast.

http://filehippo.com/download_malwarebytes_anti_malware/
http://filehippo.com/download_superantispyware/

Firewalls…

http://www.filehippo.com/download_outpost_firewall/
http://www.softpedia.com/get/Security/Firewall/Comodo-Personal-Firewall.shtml
http://www.softpedia.com/get/Security/Firewall/Privatefirewall.shtml

I would have included Online Armor Free except OA is blocking Flash Player updates. It is a known issue.
http://support.emsisoft.com/topic/7839-flash-update-being-blocked/