Netbook Av's

LOL! +1, trjam... I am in same boat and you put it eloquently. I wish I had time to make a more comprehensively informed decision on user privileges and implement it but it would take time I can ill afford with 6 machines bopping around the house and a reliable backup solution in place for all of them (as well as FD-ISR on most of them).

 

Don't want to bother with all sorts of security and limited user settings. When I want to do something on my comp, I want to do it and running as admin, I can.

That's what AV is for IMO.

Running a trial version of Nod32 on my netbook now and it is running great. Nice and smooth and no drag at all.

 

I've had my netbook for almost 2 years. The combination of security I'm using is a bit of a compromise: Avira Personal and MBAM, both on demand, Sandboxie carefully configured, and Shadow Defender when I don't want to worry about anything. I always run with admin rights and this combination has virtually no system impact.

 

It seems like a lot of people are misinformed about LUA and SRP. I find it odd that people have thousands of posts here but can't take 10 minutes to configure a LUA & SRP. I could set up a LUA & SRP in 5 minutes easily. Create a new account, then follow the instructions here: http://www.mechbgon.com/srp/index.html

I think you guys are making it waaaay more difficult than it needs to be. If your worried about doing admin tasks a fast user switch takes a few seconds, do your admin work, then switch back and its much more secure than running full blown admin 100% of the time. I agree most 'security nuts' are people who enjoy testing out 3rd party software. But IMO in 5 minutes I could configure even a 2001 windows xp pro machine to be more secure than most of your admin accounts with nod32 or avast or whatever. I could test malware samples from mbam forum or malwaredomainlist until you are blue in the face and wouldn't get you anywhere, meanwhile there are tons of youtube vids showing every AV on the market getting bypassed with a few malicous links.

Lastly, everyone says their setup has no noticeable impact. I've yet to see an AV app not increase boot time, increase in game-stuttering, increase ram use, and most importantly have a big impact on drive performance. On a good machine you won't notice it for basic use, but for sure will if your a power user.

You may think "well idiot task manager only shows 20mb ram use on my 4gb ram machine, thats nothing", and I'd agree with you. However, task manager really doesn't show you the true picture at all. This is why AV tests don't even bother showing ram use in task manager with different AV's as it means nothing and can easily be programmed to look light in task manager. The real test is before & after ram use. For example, on a fresh install of Windows XP and installing drivers I have about 120mb ram use on bootup, if I install Comodo Internet Security on bootup it shows 245mb ram use. Its very noticeable when gaming or running demanding apps & not so much for web surfing, however task manager only shows CIS using about 30mb ram More importantly to performance its read/writes to the hard drive is extensive.

Sorry for the rant I hopes this takes some of the misinformation and fear out of the LUA & SRP approach.

 

I'm talking from experience and SRP DOES takes time.
Usually you have to set rules for specific download folder or different applications. And it CAN be a pain bu** sometimes, as i used it for several months before dropping it. (I like HIPS and i can stand all those pop ups, but configuring SRP gets old )


Ex.
Google Chrome online installs in the user folder which you have to create a custom rule.

Flash based internet run some .exe files and .dll files that are in system32 and you have to create a rule for it.

Some games doesn't installs in Program Files, don't ask me why xD

Some PDF extensions installs in other areas if i remember correctly.

Different programs downloads things in different places and most people just run it in it's default place.


And many other things i forgot
Another factor was my bro, we "used" to share this pc and every time he used it i had to disable SRP lame xD

 

You create a LUA in few seconds. Don't bother with set up as there is none. You create it, and you use it.
Gone are the malwares which require admin credentials as well as rootkits.
The only malwares which are still a threat are the rogue AV and the info stealers running in userland. You may never see the latter ones.

If you want to perform admin tasks, switch to admin account: 30 seconds, once a month (?)
If you want to install a new software: right-click run as admin and input your password: 5 seconds.

No excuse for not running as SUA/LUA. It is a security forum here after all, and the first and almost only step towards security is this one. We wouldn't be of a good advice if we didn't say so.

Edit: In the times of Windows 3.1 or 95, when there was no admin, user and correct control of policy access, AV were here to save the situation and could do it because of the low number of threats. They can't anymore and there are more efficient and advanced ways to do 99% of the work.

I agree.
It is a pain, and since Adobe messed up with the DLL in a user temp folder, I removed SRP from my relatives's computers.
That's why I don't think SRP is a good idea if you are not willing to. Instead, install a light AV (a free one is more than enough as the extra features provided by the "PRO" versions are mainly overlapping with either the web browser features and/or the LUA/SUA protections). You will save money.

 

IMHO Avast/Avira free are very light - I support Vladimyr & Johnny123

 

Absolutely no debate there.

THAT'S where the devil lurks in the details as others have said. I don't have time to support 5 other users in my house who want the liberties they're accustomed to so I choose alternative means of security.

Although I have paid security on other machines, MSE 2 seems to be serving a Win7 laptop and a Win7 netbook well so far.

 

Trust me there is no devil hidden in the details. basically, you need admin credentials everytime you receive a UAC prompt. Try and personalise your admin account (modify your screen saver, your MSN messenger...). You will realise how few prompts you receive.

You could as well revise your strategy, as giving the admin credentials to your wife and children after an explanation of what it serves to, why it shouldn't be used any time... Maybe it is an opportunity as well to have a nice discussion about internet, the good and the bad...

Admin credential under LUA/SUA is like a super weapon. You become the god of your computer. You are the one telling who comes in and who doesn't.

You could then transform the "do whatever you want and I cross my finger that this AV will save my butt" into a "you are responsible and if you prove me wrong you might loose this responsibility". It could even become a much wider discussion on what liberty truly is. Is it:
- "do whatever the ~removed~" you want to do"? or
- "Liberty is something you earn by understanding its own boundaries and by accepting the consequences of your own acts. With liberty comes responsibility".

This time spent on this could then be seen as an investment over time that you will gain back eventually. I am sure your children will learn from this journey.

Just my 2 cents (of euro). OK I confess I smoked too much the carpet.

 

Well said. Problem is, the consequences of abusing that liberty would be more severe for me than for them. We'll get there eventually but for now the bandaid will have to suffice.

 

Netbook AVs:

For netbooks, imo the best thing is to avoid suites altogether. Instead, opt for one of the lightweight AVs that have been mentioned above.

Avast with File Shield only (add in Behavioral Shield if you want) is one of the lightest real-time AV one can go with unless one is willing to follow this trick:

Making Avast the lowest overhead AV available

One can always go with on-demand scanners only instead if one is comfortable with the idea...

As for the LUA issue (albeit the OP didn't specify for it):

I'd say a netbook owner might want to try using LUA, even if it's something he/she despise to the max.

Why? It's simple...ask yourself this:

As far as I've seen it, the 'norm' activities of those who own a netbook is typically to surf the net, log-in to social networking site, chat online, play online games, etc. Perhaps geeks, nerds, techies here may be the exception...but other average users tend to follow the same pattern above.

Hence, LUA along with the "dreaded" UAC prompts shouldn't pop out in the face too often for the netbook user in day-to-day use. One can still do one's admin tasks by simply elevating UAC, input credentials and it's done. There's hardly any need to do fast user switching unless you wish to do multiple admin tasks in a row. If that's still a chore or you need to let other family members access to certain programs with admin rights, there's SuRun which now supports Windows 7...

Still not in favor of the above suggestions? No problem - just keep your UAC on at least if you're on Vista/7. No need for credentials (password) if that really ticks you off.

As for SRP issue:

SRP may seem like a chore initially for some users depending on personal computer setup as mentioned/experienced by Noob. On the brighter side, it's a one-time setup if you've configured it correctly.

However, some netbooks comes with Windows 7 Starter which doesn't have any access to SRP as far as I know. If that's the case or one simply do not wish to meddle with SRP, a person might want to deny downloads of file types with a risk indication of high.

Other 3rd-party software:

Sandboxie, Geswall, DefenseWall, Returnil, Shadow Defender, etc are all good options for various needs/purposes. It's only a matter of making the best choices for your netbook specs and resources. Just don't overdo it by overloading your netbook with too many...

P.S. I am purposely highlighting the fact that the main discussion here is in regards to netbooks since it seems to me like some members here forget that

 

Allow me my "rudeness": What the heck is the Operating System we're talking about?

You see, if it's X version, then one needs to follow a certain direction; if it's Y another, etc.

One more "rudeness": What is the web browser? (I don't remember seeing it mentioned. If it has, then I apologize for the "rudeness")

 

Don't you see the signature?

Concerning the Web browser, even if they are all different in their approach of security, they are relatively equivalent.

 

Parental Controls uses SRP under the hood. It automatically whitelists the apps that are allowed to start.

 

You're right. I knew about that from here but didn't realize that Win7 Starter includes Parental Controls too.

 

SRP... Minus DLL restriction.
To get this further restriction, it is necessary to get into the registry, under HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers, and modfy the TransparentEnabled string to 2 (include all files in elevation - 1 indicates that DLL are excluded).

But as Safeguy said, we are OT: TheIgster doesn't wish policy control.

 

I thought it was some different system/computer. I missed the part of one of one of the latest posts where the user actually makes reference to a trial version of NOD32.

Yeah, but considering one or the other, a different approach could be taken, specially considering we're talking about Windows 7... integrity levels came to mind (If this was the O.S, before I knew it was)... Not all play quite well with such.

 

Actually you may be right. I can't find where he provided the OS

He doesn't want policy enforcement. Do you believe he will be willing to set up such approach?

 

Heck... well... it didn't cost me anything to give it a try.

 

noob, I haven't experienced any of those issues and stand by my statement that I could configure a LUA & SRP within 5 minutes, and I'm not any sort of expert. Some systems vary, and to each his own.

Back on topic, I think the first reply was a good suggestion with Panda Cloud. I think Avast is optimal as far as an AV for a lighter system, lastly I tested out MSE on one of my machines and was happy with its overall system impact, particularly when you consider that Windows Defender is automatically disabled when you use MSE.

 

I had a client call to advise the screen may be dead on one of his netbooks on Monday. I bought and set up a new HP netbook for him that night. Installed the latest version of Avast! and it seemed to be running very light when I finished the software installs and packed to ship on Tuesday.

 

Lot of good suggestions here.
I recently got a netbook myself, and here's how i have it set up -
- Avast! 5 (No realtime monitors, except for Web Sheild).
- Pe-Guard Free.
- Windows 7 Firewall Control Free.

Initially i ran just avast! 5 with the file sheild and behv. sheild and things ran fine. No CPU or disk IO spikes.

I have even tried MSE, but unfortunately it used too much CPU and RAM. And also during updates CPU usuge would shoot upto 60%. This was with v2 (the latest one released). Don't knw if there have been any changes since then.

Cheers.

P.S.- Happy New Year!

P.S. 2 - I forgot to say - i am running W7 Ultimate.

 

I understand what you are saying, but since I created this thread, it's really about AV products. I'm not interested in dealing with LUA, etc. So if you have an AV suggestion, great.

 

No issues I presume?

 

Appguard or Defensewall (if your netbook is 32-bit). I've used both and they are both very quiet and easy to use. Both have gret support too if you do have a problem.