Firewall Question
 

I'm a bit confused. I've been told by my computer-savvy friend,that, since I access the internet a router, with anti-virus software on my system, I don't need a third-party firewall, since Windows' inbuilt Firewall, which I have switched on all the time, will do the job adequately.

However, if this is the case, why would anyone purchase third-party firewall protection? Am I safe?

You're safe enough. Windows Firewall and Microsoft Security Essentials are fine for most consumers.

Yeah, you should be fine. I'm assuming your router does NAT (Network Address Translation), which means that your computer isn't actually on the Internet (in IP Address terms) and can't be accessed directly from there.

(There is a way of allowing access from the other Internet systems, called "port forwarding" on the router, but you'd have to turn it on and set it up. If anyone (or a website) tells you to do that, be sure you understand the reasons in full: if not, don't.)

that's all Ive had for years
 

keep the AV up to date and scan at least weekly

One advantage of using something like Zone Alarm firewall is that it can be set to ask you before it allows a program to access the internet giving you the chance to stop any rogue programs, such as keyloggers, from leaking passwords etc.

what GG said.
Think of it as a safety net, the last chance to prevent any undetected malware from phoning home. (Even that isn't guaranteed. Some malware installs/modifies a system file, so it looks like the system -previously allowed- is phoning home, and not all firewalls are necessarily able to detect the change. Most should.)
Prior to that situation occurring, you have defenses in place that should stop the vast majority of it. In theory.

I would suggest that if one operates with a hardware firewall, good (regularly updated) antivirus and (crucially), not as an admin then one really has very little to worry about. AV should be set to on-access scanning, with regular full sweeps.

A SW firewall and anti-malware are good to have, but not as important.

Obviously, if one is using public access points with your laptop, then a good SW firewall is essential (not Windows, although it's better than nothing). And again, running as an ordinary user.

SD

Good article on the use of svchost here:
What is svchost.exe And Why Is It Running? - the How-To Geek

Be carful not to spread the wrong message.....

See .....
TeamViewer - Free Remote Access and Remote Desktop Sharing over the Internet

and many other similar "legit" examples..... then consider the "dark side" possibilities.

It's easy to create a backdoor in through NAT...... :ok:

The way those kinds of programs work, they require the client PC to open up a connection first. Only then is there an open NAT port through which data can enter. Assuming the NAT itself isn't broken and ports aren't being forwarded, an external computer can not open a port: it has to be invited in. That's also how multi-player games can be made to work through NAT, by the client connecting to a central server, thus opening a connection through which game data can be transferred. That's not a back door, it's a front door. :8

Of course rogue programs can do this from the PC, but when that happens, a firewall isn't guaranteed to help, either. I never said NAT was a total security solution, but if you run a good up-to-date virus checker, and surf responsibly (using Firefox with NoScript), you can be pretty confident IMHO.