Protecting my laptop, opinions please

After seeing my family computer essentially rendered useless due to hackers, lots of malware, and possibly one real nasty keylogger, I have opened my eyes to the need for security. I want to take the lessons of my family computer and apply them to my college laptop.

My personal laptop right now is set up like this:

Windows Vista home premium, use IE as a browser

- Windows Vista Firewall
- Trend Micro Antivirus
- Spy Sweeper (with real time protection)
- Malwarebytes (free)
- A-squared free
- ccleaner


Could anyone recommend anything else (preferably free, I'm a college student on a tight budget) to help me protect my computer? I probably need a different firewall, and I am thinking maybe keyscrambler and hijackthis too? All suggestions are welcome.

Thanks in advance for the help. I'll base the future protection I put on my new family computer on what is on my laptop.

 

cba321,

It would help to know (or guess) how the keylogger was installed. That really controls a lot of how one approaches things. A lot of things have to happen to get infected with malware, but the primary thing is that something needs to execute. I'm ignoring script based approaches to harvest information.

Vista and UAC adds a lot here with respect to the execute end of things. You actually get a decent bump in security as long as you don't disable UAC (I know, it's a bother if you do a lot of installing and changing of software) or use LUA/SuRun on XP.

Trend Micro.... not great/not bad. If it works, I wouldn't necessarily change. On the free side I tend to like Avast, but you probably wouldn't see a major advantage. What you can do is recognize that all AV's have a time dependent response. New stuff might not be covered. The easiest way to avoid the issues here is, if you're about to install an executable from any internet source...., make sure it has some finite age associated with it. If it's problematic, it's more likely to be covered if it's been out there for a while. It's really simple statistics.

Personally, the only thing I run beyond my AV is a partition virtualization application (see Light virtualization: Returnil/PowerShadow/ShadowDefender/ShadowUser Pro and Light Virtualization - the first year....). Whether this is applicable to your family is debateable. It's a great solution when you start surfing in questionable areas, know it, and make the decision to jump into a virtualized state. There are also ways to make it work well in general via a combination of persistent virtualization to protect system and program files and judicious choice of excluded locations (email, documents, etc.). If the focus is free, the choice in this segment is Returnil.. (see their forums on Wilders...). I also tend to use ccleaner for quick PC hygiene - an underlooked aspect of basic PC operations.

Blue

 

free strong offerings.

Antivirus = Avast Home Edition - Free or paid (Excellent product)

Behavior = Threatfire Free (OK Product)

virtualization = Sandboxie or Returnil or both - Free or paid (Excellent Products)

Hips/Behavior/AV = Drive Sentry - Free or paid (Excellent Product)

Firewalls = Comodo or Online Armor - Free or paid (Excellent Products)

 

Scan everything you download with all of your scanners before running them. Even if it is a pic or music file. You can also upload them to VirusTotal or Jotti for multiple scanner opinions. It's also a good idea to investigate any program your considering downloading or running even if you best friend or grandma suggests it. Do a search on a forum like Wilders or ask if you can't find anything.

You may also want to consider USB thumb drive protection for your laptop and drive if your going to college. Search for info here at Wilders as there are a lot of recent threads about thumb/pen drives.

Keep both machines up to date . See my signature and run an online scan at Secunia's site an update any programs it find vulnerable.

 

Windows Firewall is adequate for inbound protection. I suggest you follow JRViejo's suggestion of using Vista Firewall Control.

There's no need to go overkill with excessive security software. The user(s) is the biggest security hole, there are some people who run no security software and do not get infected and there are some people who run a dozen different security software and still get infected . So always exercise common sense.

And use a good image backup software.

 

Windows Vista Home Premium provides Software Restriction Policy via Parental Controls for Standard User Accounts. Create and use a standard user account. Apply Parental Controls to the Standard User account and go to settings to select the programs you wish to allow as a standard user.

This will provide you with default-deny for executables. I have also tested it with *.bat files and it worked as well.

+2 on Sphinx Vista firewall control (free).

 

+1

I agree with djohn.

You can't be wrong with any of the above products. They are good and all have free versions.

 

No way would I call HijackThis excessive. It is a wonderful diagnostic tool that shows a user what is on his or her computer, and in the hands of a knowledgable person, can be used to remove malware. Is it overkill and excessive? Not even. It is what it is... a handy tool.

 

My view is if he's computer is clean then HijackThis should really be needed, especially since it's for advanced users. But anyway I'll remove it as I agree HijackThis is very useful in some circumstances.

 

May I add, since laptops are more prone to theft as well, you may want to encrypt the drive with a removable USB key.

 

Thank you everyone for the replies. I read everything and am considering a lot. I did give threatfire a try, but it was giving my system trouble so I had to take it off. On the other hand, I tried boclean and it is working well. I used secunia online to patch some programs too. I'll probably also get Hijackthis and maybe Returnil in case of a future problem.

I'm not going to go overboard with things like keyscrambler and such.

One thing on my mind is the firewall. If I stick with Windows firewall I'll get the sphinx firewall controll as many have suggested. On the other hand, I have heard some bad things about the Windows firewall, and that makes me consider Comodo or something similar. But I like how the Windows firewall is silent, as I have no idea what to do when a firewall asks if a certain thing can access the net. I hear Comodo and others are very talkative, so its a tough call...

 

The "talkative" FWs can be problematic cba321 so for years I have been satisfied with plain old Zone Alarm Free.

 

Windows Firewall has weak outbound filtering and self protection, which is what most people complain about. However, the inbound filtering is adequate, which IMHO is more important as prevention is better than cure. So you should focus on stopping malware earlier (e.g. with the use of site rating programs or sandboxes). Anyway, if you don't understand Comodo's pop ups then using Comodo or Online Armor or something like that would be pointless.