Using a Windows limited user account for your normal work is an effective way of reducing the chance of your computer getting infected by malware. That's because most viruses, trojans, keyloggers, rootkits and other nasties require administrator level rights to install. When you use a limited user account with reduced privileges these products simply can't get a foothold. It sounds like a great idea but there are many problems in practice. First, lots of simple routine tasks like changing the system clock, plugging in a USB drive, running a defragger and updating software can't be carried out in a limited user account. Second many applications, including a lot of security products, won't work either. Some of these problems can be solved by the judicious choice of software while others can be addressed by temporarily switching to an account with administrator rights to run any software that needs these rights. Indeed Windows has an inbuilt command line program called "RunAs" that can be used to temporarily switch to an admin level account simply by typing in the admin account password. In the Premium edition of issue #144, I mentioned a program called Sudo for Windows [1] that like RunAs, provides on-the-spot escalation of privileges for limited user accounts but is more convenient to use. Unlike RunAs, it allows the escalation directly within the restricted account so you remain the owner of the installed files, registry keys, etc. Again unlike RunAs, any icons installed are visible on your desktop. My mention of Sudo for Windows prompted subscriber Paulus T to write in about another free program called suDown [2] that does much the same thing as Sudo for Windows. It not quite a configurable as Sudo for Windows but it's simpler to use and doesn't require the .NET framework to be installed. Overall it's a better choice for most users. Paulus also alerted me to a site [3] that's dedicated to the problem of running reduced rights accounts; it's an excellent resource.
[1]
http://www.lostcreations.com/sudowin/sudowin[2]
http://sudown.sourceforge.net/[3]
http://nonadmin.editme.comhttp://techsupportalert.com/issues/al_current.htm
