Hi wellju, thanks for the thread; hope you don't mind if I hit you with some noob UAC questions, since I'm trying to figure out W7 for the first time after being an XP-for-lifer.

1. The most noticeable thing to date, as I've been trying to set up my poker clients and 3rd-party apps is that there seems to be some UAC tug of war between your advice and everything HEM support has to say. The VERY first thing HEM has to say, pretty much in trouble-shooting anything, is "First, make sure UAC is off". And your rallying cry in this thread is "Turning UAC off is stupid, don't ever do it." So, I'm not really getting it...why are you so insistent that UAC needs to be on ALWAYS and set high, while HEM thinks that turning it off is no big deal?

2. My single biggest problem is with Synergy, the coolest keyboard/mouse sharing app on the face of the earth. I love it. Here's the problem >> Synergy is 'locked out' whenever the UAC prompt comes up. IOW, as soon as I get the UAC prompt, my other computer's keyboard/mouse (that I've been using to control my poker computer) simply freeze up, and I'm forced to use the native keyboard/mouse combo to enter my admin password. This is really annoying because it's a laptop. So i have to keep an external keyboard/mouse plugged into it and nearby for those frequent times that the UAC prompt displays, which kinda defeats the purpose of Synergy to begin with. I've done a lot of Googling, and this is a known issue and the only solution any ever posts is "turn off UAC", but that's a no-no in your books, so I don't know what to do. Any ideas?

3. Lastly, and this is prob the most noob Q of all: Is there any setting that I can enable whereby a program that needs to be run as an administrator doesn't give me the UAC prompt every time I launch it? Maybe I'm misunderstanding how UAC works / what it does, but if the deal is that Pokerstars, for example, is a "trusted" program and therefore it's safe to run it as an admin...well, why shouldn't there be some setting where we tell W7: "Hey, Stars is a trusted app, and it's cool to run it as an admin without UAC-prompting me for the admin password every time"? Or IS that setting somewhere?

The holy grail I guess I'm trying to get to (if it exists) is one where I get all of the benefits of not allowing anything to run as an admin (which I thought was the purpose of this thread), while designating some programs that not only is it cool to run as an admin, but it's ALWAYS cool so I don't need to be UAC-prompted for a password.

Thanks again!

I've had all kinds of problems with my computer lately.

Why does every time I re-start my Windows firewall switches from ON to OFF?

I just got through creating a non-Admin account and went to log on with that and noticed it was OFF again and could not change it to ON. So I switched user to my new Admin account to fix it. All my settings on my computer are all out of whack now. I have a Nero Search thing on my bottom toolbar which was never there, and all my size setting are all messed up and it doesn't look like my Firefox add-ons are intact. WOT is gone, avatar blocker is gone, etc.

My main question is, why does my firewall revert to "OFF" every time I restart my computer? I have loaded a few free AV scanners which seem to have a firewall. Is their firewall taking precedence? Is it OK that my Windows firewall reverts to OFF? I have Outpost Security Suite Pro 7.1, Avira, and AVG Internet Security 2011. I know you are only supposed to have 1 AV program but as long as each scan of theirs shows varying results I will not feel comfortable with just 1 AV scanner.

Also my MalwareBytes trial period has ended. If I wish to retain this excellent scanner, must I pay for it at this point? I tried removing the program and re-downloading from download.com but it still said "Your trial is over". However the scan still appears to run normally but never shows any infection. So it's kind of misleading. I've since removed it entirely from my computer.

OT: My friend built me this computer and I'm operating a pirated copy of Windows XP. No idea why he gave this to me as I did not ask for it. 6 months ago I got slammed with the fake security trojan system hijack virus that MalwareBytes took care of. But I talked to my friend and he was like "Getting a legit version of Windows so you can get all the updates would be the best thing to do first" GEE THANKS. lol.

So my 2nd question is, how important is having a legit Windows OS ? I don't mind paying for it. I never asked for an illegal version in the first place and wish he would have just set me up with a legit version to begin with.

Thanks!

OK if I don't re-start the computer, but just Switch User to my non-admin account (after turning windows firewall on in Admin), the firewall remains on. So that's good I guess. I'll just have to remember if I restart my computer (rare) to sign in as Admin and turn firewall back on before Switching User.

Also my Firefox setting appear to still be intact for my now non-Admin account, which is good. The text is still kinda stretched out though but at least it's not 9000 font and unreadable like it was before. Had to fix this in Admin mode before it took effect in non-Admin.

Thanks for starting this thread. I never would have thought to operate in non-Admin mode for day-to-day use but if it helps then it's totally worth it.

after doing this, my norton security scan says: need admin privilege to run. any way around this??

Sorry for the late answer, but most of your questions could have been solved by either reading the thread or giving it a little bit of thought.
Here we go anyway.



To undo it, you just promote your user account back to admin and delete/distable the admin account you've created prior.
Even tho I can't see why you would want to do that as there is several other solutions to your issue.

1. Log in to your admin account and do it from there, that's what the account is for.
2. Retake posession of the files to your current account. Step by step guide can be found here: http://www.sevenforums.com/tutorials...rs-groups.html
3. Download this file, doubleclick and reboot. Then you'll have a context menu entry that does all the steps for you in the above mentioned guide: http://www.sevenforums.com/attachmen..._ownership.zip





@1 Earlier in this thread Fozzy thanks me for the additional over hours this post has brought them. The reality is quite simple. Incorporating the kinda messed up user system in an advanced application like HEM takes a lot of effort. They rather not invest that time obviously, but it get's in the way of your systems security tremendously. It's just either you care about security, or you don't.
@2 It's quite a simple decision again. The developers of synergy have been sloppy in that regard and don't give a damn about your systems security if the only advice is "switch off UAC". When you do so, the whole purpose of running as user instead of admin is defeated. You decide if it's worth it.
@3 Just to be clear, UAC prompt isn't the same as the admin-password prompt. And no, there's no way around it. If there would be, malware could take this way around it.



1. Decide for only one AV. Having more than one is the opposite of useful and brings various security and system integrity issues with it. As long you insist on having multiple AVs on your system, I can't help you.
2. The win Firewall is shut off because one of your AVs tells her to do so. Install the AVs and the issue will be gone.
3. Running a non legit copy of XP in 2011 is a guaranteed way to get malware. Buying windows7 is a way better investment than most hardware uprgrades, even performance wise ...


Yes, give all the .exe files in your Norton installation directory admin privileges. You can find how to do it 3 times itt.
In worst case you'd have to reinstall Norton once. The installation routine will be advanced enough to handle the non-admin user account from now on, but might have issues when you make this changes after installing Norton.

edit: problem solved

thanks for advice

i'm using WinXP

created second account with limited access

all programs like HM, pokerrooms, firewall, etc works without any problems (i've installed them on non system drive). i don't even need to type passwords every time that i run them

Good preventive method, definitely beneficial but implementation is the 1st policy.

i'm not sure if this has already been answered in this thread, but i'm wondering if i run only the poker client, HEM, and a site like Sharkscope on my admin account, am i okay with regard to the OP's warning regadring not using an admin account for general computer use?

i would use another user account for everything else like web surfing, gaming, etc.

the thing is that for whatever reason i couldn't get HEM1 working on a user account but got it working on the admin account. it's too frustrating for me to deal with getting it to work on a user account because of the postseql headaches and i just don't want to deal with it anymore.

i have all the usual security programs on the admin account like Malwarebytes, etc.

It's definitely a viable work around derosnec.

As the measurements are made to prevent you from random, untargeted attacks, if you're disciplined with switching accounts you're fine in theory.

The time you'll spend switching accounts could be used to maybe clear up your issues as for most users there weren't any or if, easily fixed.

hi wellju,

i seem to have a virus where when browsing the internet it will suddenly close and a 20 error boxes come up saying there is some hard drive error

uh

what do i do

(directed at anyone for that matter, not just wellju)

fml

thanks

ah damn i have no idea what i click / emails ive opened

what to do!!!

edit: um how safe are the major porn websites ? :P

Probably best if you follow the malware sticky and make a new thread butterfly so one can have a detailed look at it.

Thanks for this wellju, will try it out.

I am still running xp which only has limited user and admin options. I made a limited acct. to use, and notice less problems with slow speed/freezing etc. But is there a way around this issue? or is it time for me to look into windows 7?

Upgrade to 7

Thanks, was scanning around and caught this thread. just bought a $1500 desktop.

bump

I'm hoping to make my computer super safe, so far I have:

*Standard user account (Win 7)
*Firewall activated
*Firefox with the following addons: Pop-Up blocker, Noscript, M86 Security and flash blocker
*WOT and Mcafee Site adviser installed
*Mcafee anti virus with real time protection (I'm thinking of changing to Avast).
*Windows automatic updates activated.

What other measures can I take to make my computer even more secure? Would anyone recommend I use the newest version of Internet Explorer. I heard that Internet explorer is meant to be the safest browser nowadays.

Thanks for your feedback.


Also, in the event that my computer gets a keylogger, what's the best way to input my password so that they can not read it? Would it be better to copy and paste the password, or half paste and half type it? Would this bypass the keyloggers ability?

http://www.keepass.info/

hey great thread... thanks welju

quick question; ive just done your trick of removing administrator rights..
would that heal/delete a type of malware or trojan horse that was installed prior to this?

if thinking worst worst scenario, i play vs the new potripper, would his program fail after i did this or is it too late?

No it would not. Applications that gained unwanted access before you converted your user account would likely still be able to continue to work although that might be different for every case or type of malware.

It's a preventive security action and is ideally done just after a fresh install if your system might be compromised.

Hi, Im trying to set up my system more secure and just found out about this (doh!).

Have some problems with setting this up correctly. So far I created the admin account and converted my profile into a non-admin one. Now HEM doesnt work and gives me the forementioned error with Access to the path "xxx:/statranges.xml" is denied". I have set HEM to Run as Administrator.

I also cant install new programs, it just says that I need administer rights for this. The weird thing is that at no point does Windows actually ask me for an admin password when I try to do this stuff! So I figured its about UAC settings and seems like Im right. When I try to edit the UAC settings with the non-admin profile, it doesnt open the window. With Admin account I opened it and the settings were set to the lowest. I changed them all the way up and logged off. That did nothing.

Any ideas whats going on? Ill try to convert my user profile to admin again and change the UAC settings using that profile, maybe thatll work...

edit: Nope, on admin mode I was able to change the settings and it now shows the settings as all the way up (most secure). But Windows still doesnt ask me for the Admin password when I try to run HEM on Admin mode or when I try to install programs. Any clue on how to fix this? Will have to go back to using Admin if this doesnt figure out...

Thanks >)

Are you sure you have set a password for the admin account?

Yep =P have my account (password protected), the admin account (password protected) and a Guest account. Kind of confusing, any ideas? Im using Windows 7 DeepBlue 32bit with all the latest Windows Updates. Im using my account as admin now to be able to use HEM and actually install programs..