Using A Standard User Account With High UAC Settings In Windows 7

Locky Changed To Use .aesir File Extension And Changed C2 Format

You should always use a standard user account in Windows 7 and Vista. We know that in in ideal world, you would have created a standard user account and a separate Administrator account when you installed Windows. However we don’t live in an ideal world and many new computers come with a default account already set up that has full Administrator permissions and access. This link will show you exactly how to create a new Administrator Account and demote your existing Admin Account to a standard user. Make sure you create the new Admin account before demoting your existing one.

When you are the only user on the computer, you can make life easier when starting up the computer, by setting windows not to ask for a user name and password when you log on and automatically log onto your everyday user account.

Windows 7 and Windows Server 2008 R2 introduce additional User Account Control (UAC) settings that are similar to the Internet Explorer security zone model. If you are logged on as a local administrator, you can enable or disable UAC notifications, or choose when to be notified about changes to your computerWindows Vista only offers you two types of UAC settings: on and off. In Windows 7, you have more settings to choose from.

The default settings for Windows 7 are set too low and can allow you or anybody with access to the computer to accidentally allow malware to install or settings to be changed. This is especially true if you have children ( teenagers) who use the computer. I Strongly recommend that you always set UAC to the highest level Always notify. When you use this setting while also using a standard user account ( not an Administrators Account) then you will be protected from 99.9% of any attempt to install malware or change any settings on your computer without you knowing about it.

You should be aware that when you use a standard user account and have UAC set to any level except “Always Notify” and something attempts to install or change settings without you initiating it, Windows is designed to silently reject the changes. This behaviour is very good in a corporate environment when windows is locked down to stop any attempt at installing programs or changing settings, but causes so many problems in a typical home environment.

The advice below has been copied from http://support.microsoft.com/kb/975787

Adjusting UAC settings in Windows 7

To adjust the UAC settings in Windows 7:

1. Open User Account Control Settings, type UAC in the Start Search box, and then click Change User Account Control settings in the Control Panel window.

Open UAC

2. Move the slider to a desired notification setting, and then click OK.

 UAC levels

There are four UAC settings that you can choose from:

  1. Always notify Select this setting if you:
    • Always want to be notified when programs try to install software or make changes to your computer
    • Make changes to Windows settings.
  2. Notify me only when programs try to make changes to my computer Select this setting if you:
    • Want to be notified only when programs try to make changes to your computer.
    • Don’t want to be notified when you make changes to Windows settings.
  3. Notify me only when programs try to make changes to my computer (do not dim my desktop) Select this setting if you:
    • Want to be notified only when programs try to make changes to your computer without the desktop being dimmed.
    • Don’t want to be notified when you make changes to Windows settings.
  4. Never notify (Disable UAC)Select this setting if you:
    • Never want to be notified when programs try to install software or make changes to your computer.
    • Never want to be notified when you make changes to Windows settings.