User standard vs admin
On a Windows 7 computer with one user, is there protection against malware infection higher to win in standard user?
My understanding is that even when you run as administrator, the rights are not high, until you allow UAC elevation, so I wonder if the unelevated admin is essentially the same as the user standard unelevated (again, I speak just from the point of view of the installation of malware).
In my research I found that it is often said that the standard user can make changes that affect its own user account, not the rest of the computer. But when you're the only user, who seems to be irrelevant. I read an article by a Microsoft developer who said he could write the malware which is perfectly happy running completely in a standard user account and return this information to credit card, user names, passwords, etc., for the wicked.
I've got different Win 7 computers running both feel, and it seems that both ask for elevation every so often, the only difference being that the standard user needs to enter a password.
So the question is: is there an advantage to be a standard user, from the point of view to prevent installation of malware (for example, from Drivede or click on a malicious link facilities)?
Hello, YoVincenzo
There is no definitive answer.
When UAC is at its highest setting, there is little difference. Assuming that you are the only one with access to the computer, I would say it of mostly personal preference and really depends on what you plan to do on the computer.
The biggest concern would be automated exploits on Web sites and if you visit Web sites that may contain, you can opt for the standard account just be on the safe side.
The UAC settings are a good mix between security and ease-of-use and should be sufficient in most cases.
David
Microsoft Answers Support Engineer
Visit our Microsoft answers feedback Forum and let us know what you think.
Tags: Windows
Similar Questions
-
XPSP3 and Media player 11: DVD playback as a user standard(non-admin)
Log in as admin: DVD plays fine
Log in as a limited user: error setting color depth and screen resolution.
These parameters are the same between the 2 accounts.
dvdupgrd / detect gives the same info codec between the 2 accounts.
Why a limited user cannot play a dvd?
With the help of a codec pack. Another player, not an option.
And the answer was:
Do not use the lib2mpeg codec in ffdshow for DVDs. Use Cyberlink.
-
I can not change the type of standard user to the admin account.
I had a very difficult time, adding new accounts to the system. Now that I have, I can not change the type of standard user to the admin account.
As you don't declare that you tried, I am unable to say where you went wrong. Here is a method to promote the accounts without going through the various GUI screens:
1 restart in SafeMode with network.
2. log on as an administrator.
3. click on start.
4. type the three letters cmd in the search box.
5. press on Ctrl + Shift + Enter
6. click on "run as Administrator".
7. type the following commands and press ENTER after each:
NET user
(This will show you all existing accounts)
net localgroup administrators 'xxxx '.
(This will encourage user xxxx to Administrator status. Replace xxxx with the correct name account). -
Create an account via a standard account admin
I have Vista Home with two accounts, a one and one other admin account standard. See the profile of my admin account is corrupted and I can only log on my standard account. I want to create another account to replace the admin one, but how can I do this via the standard user account. I can not activate the hidden either Administrator account such that she has always blocked.
You can not. You can enable the built-in Administrator by following the instructions below. Instructions are written generically so not everything can be there, but the methods are the same.
If your single administrative user account is damaged (and that is why only a single user account is A Bad Thing), you will need to log on to the built-in Administrator (disabled by default in Vista) account. From there, you can create a new user account for yourself. In these cases, I prefer not to copy the whole profile to a new way to do not copy the bits corrupt. I prefer a new user account to copy the data (documents, photos, emails, etc.). Here are the instructions to do this. I assumed that you had only an administrative account, then you might want to take a look at the "general recommendations for setting Up user accounts in Vista" at the end of this post.
All this requires a certain level of computer skills. You know better and that take the machine to a competent local computer tech (not a type of BigComputerStore/GeekSquad place) is the best solution for you.
System restore - you can try first to do a system restore when things worked. If you had only one user account, then you can either try activating and connecting the built-in Administrator account as described below or start with a Vista installation DVD and do a restore of the system from there. See below for what to do if you do not have an installation DVD.
Activating the built-in administrator - the first thing to do is to see if the administrator account is enabled by going in Mode safe. If there is no account of administrator user on the system, the built-in administrator may become activated it. Go in Safe Mode, press the F8 key as the computer starts. This will get you to the menu diagnosis. Select Safe Mode using the arrow key. If you see an icon for administrator on the Welcome screen, click it. The default password is white. Then go to control panel > user accounts and make changes.
If you don't see an icon for the administrator on the homescreen mode safe - if you have an installation of Vista DVD (not a recovery DVDs), you can start the system with it. Select the default language, then select "repair your computer". Then select "Command Prompt". At the command prompt, type:
NET user administrator / Active: Yes [Enter]
Remove the installation DVD and reboot the system in normal Mode. You will see an icon for the administrator on the Welcome screen.
If you do not have a Vista installation DVD (only have a recovery disk), the computer mftr. may have given you the option to repair the system Windows Vista (not a system recovery!) in the menu diagnosis. This menu of diagnosis is the same one where you can choose Safe Mode. If this isn't the case, you can do a repair file Vista bootable DVD in this link:
http://NeoSmart.net/blog/2008/Windows-Vista-recovery-disc-download/
Note: All the Neosmart recovery disk downloads are torrent files. There is a good explanation of the torrent on the site Web of Neosmart files. You will need a torrent as muTorrent client to get the files. Torrent client will download the .iso file with which to create the bootable DVD. You will need the third burning like Nero, Roxio or free ImgBurn software to burn the image .iso image file, not in the form of data.
After net user, remove the bootable CD and restart the computer. You will now see an icon for administrator on the Welcome screen. Connect to this account.
Create a new user account for yourself and by copying data from your damaged to her user account:
1. you are now connected to the built-in Administrator account. Go to control panel > user accounts and create a new Standard user for your daily work. Let's call it "Sheldon" for this example. Also create an administrator user, called 'CompAdmin' (or 'Tech' or similar).
2 Ouvrezunesession 'Sheldon' once for profile files are created. Now log off 'Sheldon' and 'CompAdmin '. In "CompAdmin", disable the built-in security administrator. Do this from a command prompt:
Start > Search > type: cmd
When cmd appears in the above results, right-click and choose "Run as Administrator". Provide the password/OK to the UAC prompt. Now, you will get the command prompt. Type:NET user administrator / active: No. [Enter] and exit the command prompt.
3. always in 'CompAdmin', you want to open two windows explore side by side. Open computer and navigate to C:\Users\old-corrupted-account. Now, do that again, but navigate to C:\Users\Sheldon. Copy the data from 'old-corrupted-account' on records in 'Sheldon '. Remember your Favorites, bookmarks (if you use Firefox) and by e-mail if you use an email like Windows Mail client.
4. When you are finished, log in to "Sheldon. All your stuff should be there. When you are sure to have what you need, you can remove the old man-corrupted-account control panel > user accounts.
General recommendations for creating users in Vista:
You absolutely don't want to have only one user account. As XP and all the other modern operating systems, Vista is a multi-user system with integrated system of accounts as default Administrator and comments. These accounts should be left alone because they are part of the structure of the operating system.
In particular, you do not want one account user with administrative privileges on Vista because the administrator account integrated (normally only used in emergencies) is disabled by default. If you use as an administrator for your daily work, and this account is corrupt, things will be difficult. It is not impossible to activate the built-in administrator to rescue things, but there may be more that you want to do. Better not to put you in a bad situation at first.
The user account that is for your daily work must be a Standard user, with the extra administrative user (call it something like 'CompAdmin' or 'Tech' or similar) only it for elevation purposes. As a user Standard is recommended for security reasons and will help protect your computer against infections. After you have created "CompAdmin", connect to it and change your normal user account Standard. Then log on to your regular account.
If you want to go directly to the desktop and ignore the Welcome screen with the icons of the user accounts, you can do this:
Start Orb > Search box > type: netplwiz [Enter]
Click continue (or provide an administrator password) when you are prompted by UACUncheck "users must enter a user name and password to use this computer". Select a user account to connect automatically by clicking on the account you want to highlight and press OK. Enter the password for this user account (when it exists) when you are prompted. Leave blank if there is no password (null).
MS - MVP - Elephant Boy computers - don't panic!
-
Router EA4500, name of user and password admin vs ssid/wpa
The web-settings EA4500 application requests a user name and password. The user name is "admin" and the password is my long (60 characters) wpa key. I can't see where I can change the password but it says that I will lose all wireless connections. It's not logical for me. I think the router administration user name and password are completely separate from the ssid and wpa key. This was the case with my previous LinkSys Router.
Am I missing something? I would like a router administration user name to be something other than the generic "admin" and password that is easier than my wpa key long. I want a key ssid and wpa separate (what I have currently).
Is this possible and how? Thank you.
I don't know how the EA4500 works exactly, but you should be able to change the router password to access the web interface on the Administration page. Compare demo ui: http://ui.linksys.com/files/EA4500/2.0.36/Management.htm
I think that CiscoConnect sets it up to use the same router password and WPA password.
You can change the password only through the web interface, too.
But after changing only the admin password or the password, I think that you are not able to use CiscoConnect more, because it depends on the same.
You cannot change the user name and there is no purpose in doing this. They only check the password anyway...
-
Allow a user to the admin of the site and upload images to a DB if possible (was: new to Muse...)
I've been a user of Dreamweaver, at the time of UltraDev, I need to be able to allow a user to the admin of the site and upload images to a DB if possible. For this I used in DW with a DB on the backend. The customer, log in and then upload images and Add info to the image and details.
Then I looked and did not find anything which allows for a DB on the backend... can someone help with this question?
Thank you
B
Thanks for the info... I think that allowing them to edit via the adobe software in the edition of browser will do.
https://www.YouTube.com/watch?v=p12weA0YMCcBest regards
B
-
Cannot connect to my admin account and cannot change my standard user to the admin account
I have 2 log ons, as administrator and the other is a standard user. Something happened that doesn't allow me to connect to the admin. Profile, but I can't the standard user and when I go to user accounts and you're trying to change that one to the admin. privileges, it doesn't let me change the account type. I recently purchashed Defender Pro 15 in 1 more all-inclusive anti-virus. Previously I was using Avira Antivir free House as my anti virus with no problems for a year or two, but then this happened if I installed the Defender but I can't access to half of what I need to do is no not Admin, any help would be greatly appreciated!
Hello
did you uninstall Avira before installing Defender Pro?
2 aVs installed will cause blockages of the system or problems
"Something happened that doesn't let me log on.
and you don't give an error message on your admin account opening
We need error messages to help you
Uninstall Avira or:
try a Safe Mode system restore to before this happened
http://www.windowsvistauserguide.com/system_restore.htm
If necessary do in safe mode
Windows Vista
Using the F8 method:
- Restart your computer.
- When the computer starts, you will see your computer hardware are listed. When you see this information begins to tap theF8 key repeatedly until you are presented with theBoot Options Advanced Windows Vista.
- Select the Safe Mode option with the arrow keys.
- Then press enter on your keyboard to start mode without failure of Vista.
- To start Windows, you'll be a typical logon screen. Connect to your computer and Vista goes into safe mode.
- Do whatever tasks you need and when you are done, reboot to return to normal mode.
-
Corrupt Admin transfer of user Standard privileges
The corrupted administrator account it is impossible to connect even with the password so I transferred the files the standard account, but this does not solve the question of access to administrator privileges is there a way I can transfer status admin without access to the Admin account?
Nevermind, I transferred privileges by using the default account
-
change user account: I want to upgrade my son's account on the PC to standard or admin
I want to upgrade my son's account on the PC to standard or administrator. For some reason I can't do this, the only option I have is to turn the guest account on or off.
It is not possible to upgrade the guest account. Create a new user account for your son. Boulder computer Maven
Most Microsoft Valuable Professional -
Standard vs admin accounts: which is preferable for reasons of security online?
My online safety practices seem to be strong. I use Microsoft Security Essentials for many years and I do practice wise online security. I know that MSE has its detractors, but it's worked for me. last night, I run ESET Online Scanner, and my computer is clean. I also regularly run Windows Defender Offline just in case.
By reviewing best practices of security online yesterday, I came across a few suggestions do not use an Admin account on a regular basis, which sometimes I do all the time.
How a Standard account increases security online?
A standard account increases online security. There have been recent reports where trust familiar sites (such as the New York Times) have been compromised and any visitor to the Web site will suffer an infection. If you were logged under an administrator account when the infection occurs, the virus will have all of the capabilities you have (because it runs under your credentials). If you do not use an admin account, the virus or malware would have less capacity and could not cause damage throughout the system (because never a standard account can affect the whole system).
UAC, first introduced in Vista, to limit this risk. Even when you are running under an administrator account, most of your programs still work in a restricted security context. It is therefore 'raising' by clicking on confirm box user account control when perform you certain actions of admin-level, even if you are already an administrator.
If you use Internet Explorer in Protected Mode, this means that it protects you by using this restricted security context. But you can always improve your security just by using a standard account and only by using the account administrator if necessary.
-
Driver manual install - no Internet - user Standard
Hello
I'm new to this forum simply because after spending some time looking for my answer, I've had no luck whatsoever... I'll give an explicit example of what I'm trying to accomplish if anyone can understand what it is I'm doing.Our company has recently designed a product that uses a serial converter USB (MFG FTDI) number. Through this interface, the customer can view the log files, change configurations, etc... The customer has asked this question: If an employee has a new laptop (the driver was never installed), he works in a very remote location (no internet connection and Yes, it is typical for our industry), and has a user account standard (without administrator privileges), he or she will be able to install the required driver?I started to answer this question by creating a standard account on my laptop. When you try to answer this question, every avenue I pursued leads me to an answer of no. FTDI offers a driver .exe install the application, clicking on it, my computer is brought to its knees, and the only way to recovery is done by 'hard' reset. I must point out that install .exe that FTDI works well when it run under the admin account. I tried to do a right click on the device in the Device Manager window that would allow me to point to the drivers, even once, NO luck. I tried to use the line install command prompts (have the.) INF files) - NO luck. What really bothers me is that I know that the drivers can be installed as long as there is an internet connection. I guess that the drivers are placed here: C:\Windows\System32\DriverStore\FileRepository...? I can't drop files of the driver here because this is a protected system file.Has anyone has fought against a similar problem? If so, could you point me in the right direction. I fell like I am in a bind...PS I know it is a forum for Windows 7, but the goal is to tackle this problem for XP as well.Thank you all!Thanks, Oberwald, for the answer. At the launch of the pilot, it should run until the end. There is no need to specify some settings etc...
After re-reading your original post, I came to realize that my first thought would not work in your environment. You're stuck with the standard restriction in Windows 7 where the new drivers can be installed in one of two ways:
- When you are connected under an administrator account.
- Through Group Policy.
The second method doesn't seem to be feasible for machines in remote areas. -
How can I convert my user standard ac the administrator account
my administrative ac transferred to standard acre now I have no privileges to add or remove the softwareor programe. He asked me to provide the administrative password. well kindly help me how can I convert my standard user in adminstrater ac ac
my administrative ac transferred to standard acre now I have no privileges to add or remove the softwareor programe. He asked me to provide the administrative password. well kindly help me how can I convert my standard user in adminstrater ac ac
Here you go:
- Set your BIOS so that it uses the DVD drive as its primary boot device.
- Start the computer with your Windows 7 repair CD.
- Press a key when prompted to boot from the DVD.
- Select 'PC Repair' in the menu.
- Select 'Repair' when prompted.
- When you are prompted, select System Restore.
- Set Windows to a point before you demoted the admin account.
- Plan ahead a little and create, test and document an alternative admin account, same as you have a spare emergency House key. This will save you a lot of trouble.
-
Cannot access TB of Win7 user acct - from Admin
I loved TB for years and he was always on computers that have only the administrator account (Yes, I knew that it was not wise and-).
Now I had to reload Windows 7 Pro due to a malware that might have been blocked if I was using a separate user account.
Of course, I now have the Admin account and my user account.
Thunderbird runs a lot of Admin, but when I try to open it in my user account he wants to load a new email address and I'm afraid that if I load the same account details there will be problems.
Is it possible to have accessible TB since the two accounts or should I remove and re-install just from the user account?
If it is possible then to simple instructions please - I am over 70 and the nearest computer shop is more than 100km (60 miles)to start slowly.
Were you logged on as an administrator to copy? You will not have access to the files if you weren't.
Did you find the Thunderbird profile?If you think you have copies where it should and it does not work. try to use the Profile Manager to tell Thunderbird where is this place.
change the shortcut on your desktop for Thunderbird (right click, properties) and add a PEI to the target, it looks like
"C:\Program Files\Mozilla Thunderbird\thunderbird.exe" -P
Now close Thunderbird
When you start Thunderbird, you will be asked for the profile to use. But hat we do is create a new. Selection of a new profile and pointing to that which already exists which causes it to be used.
Now to the real part of profile. Initially, I said lets you copy % appdata%\Thunderbird. Now you must descend into the Thunderbird folder and open profiles. This folder will contain, if you only have one profile, a file with 8 random and .default characters that corresponds to the current profile folder.
So, by using the Profile Manager to point to a new profile to this place should cause Thunderbird load with your old data all intact (if he actually got copies of course)
-
How to change administrator to user Standard setting...
Laptop of my daughter she has as an administrator. I would like to him standard value user so I could set up parental controls. I created a child (in his name) also relies on his cell phone under his administration... now what? There are two accounts on his laptop computer.
It depends on her age. Please note that if a Microsoft or a local account, children have a child account (not an administrator account) on the Win8.1 PC. You must indicate his real birthday when the setting up of its account and it will be easier to set default Smart values for what she is allowed to do on PC, Xbox, Windows Phone and online.
These items using Windows can be useful:
I hope this helps.
-
cannot access the files of another user with the admin account
I'm on a computer with Windows Vista 64-bit home problems.
I normally have the computer configured to connect automatically to a non privileged user and rarely use the admin account.
Recently, I downloaded an update (Finally, more like a relocation to the latest version) and realized that I need the admin account to install properly for all users that UAC would make things a royal PITA with a zillion prompts.I quickly disconnected and logged in as admin. Then, I realized that the installation file has been stored in the "downloads" folder in my regular account.
Worse still, I could not access this folder, or I couldn't tab of future security. All I could do was to 'change the property' to my admin account, but I really didn't block me on these issues. Even from Explorer using "run as administrator" gave me problems, although the DIR command in cmd.com would be the list of people.I used the "change user" function to log my account regular and checked the Security tab and saw that the "Administrators" Group had already read and checked 'total control '. Why can't access the admin account? As an admin with XP, I had free access to everything I wanted to leave that I wanted.
What happens if I was a parent and wanted to check to make sure that my child was not software piracy or download illegal music that would get stuck with the fines because I'm his guardian? How would I go about checking his records?
What happens if I was an employer at a small office using working groups and wanted to ensure that the employee was not downloading pornography?
How can I use the powers of the administrator to access other files (regular) user?
Why do I still need to ask this question? It was automatic under NT, 2000, XP and the various servers at least as high as 2003.I found the problem, it was ANOTHER problem with Norton Security Suite for Comcast.
I uninstalled and did not only to release 100 GIGABYTES of space, my boot time has been cut to a quarter of the former time, and this problem has disappeared.
Maybe you are looking for
-
If I remember correctly, old versions of Firefox had a black bar below the navigation bar on the opening screen that allowed specific searches for 'Images', 'News' 'Cards', 'Video', 'Shopping', etc.Now this bar only appears when a search has been per
-
"How can I find the list of search engines in my firefox brouser?
I'm trying to get rid of this painful "sweetIM. And suggestions say remove from my list of search engines. Where is this list? And I'm only a model of intermediate skill user.
-
On the new Satellite C50-A-14W battery problem
A few days ago, I bought Toshiba Satellite c - 50 a - 14w. The accumulator is recharged normally (at 100%), but when I plug the computer in the farm shows that 72% charged. This means that the battery is broken?
-
I am looking for the drivers for my Satellite P100 PSPAD
I'm looking for all the drivers for my laptop please!
-
How to read a cd and down load on my computer
hp pavilion dv6-6110tu h