Main Page 
PC Review
Forums
Newsgroups
Microsoft AntiSpyware
Spyware Discussion
Which Local Group to use
Forums
Newsgroups
Microsoft AntiSpyware
Spyware Discussion
Which Local Group to use
 |
Which Local Group to use |
|
|
Thread Tools | Rate Thread |
24-01-2005, 08:09 PM
|
#1 |
|
Guest
Posts: n/a
|
Which Local Group to use
This may be a little off topic, but here goes. Currently,
on our network, the users are local admins on their machines. This has caused a MASSIVE spyware headache for the IT staff. I would like to reduce permissions on the users machines but some of our poorly written applications require Power Users instead of just users. I know that Power Users would be better then administrators on the local machine, but would I really be able to reduce spyware infection this way. Any information would be greatly appreciated. Thanks Branden |
|
|
24-01-2005, 08:15 PM
|
#2 |
|
Guest
Posts: n/a
|
Re: Which Local Group to use
For effective removal of Spyware, AntiSpyware has to be run as an
Administrator. It is still beta and recommend you wait until an Enterprise solution is available from Microsoft scan networks for Spyware. It is currently in consideration. In the mean time, the best thing you do is to have those machines start in safe mode and thoroughly scanned using full system scan. Scan Options > Full System scan. Andre "Branden Holloway" <anonymous@discussions.microsoft.com> wrote in message news:16ab01c50250$91c197b0$a501280a@phx.gbl... > This may be a little off topic, but here goes. Currently, > on our network, the users are local admins on their > machines. This has caused a MASSIVE spyware headache for > the IT staff. I would like to reduce permissions on the > users machines but some of our poorly written applications > require Power Users instead of just users. I know that > Power Users would be better then administrators on the > local machine, but would I really be able to reduce spyware > infection this way. > > Any information would be greatly appreciated. > > Thanks > > Branden |
|
|
|
24-01-2005, 08:35 PM
|
#3 |
|
Guest
Posts: n/a
|
Re: Which Local Group to use
Thanks for the recomendation, I believe that I may not have
given enough details though. What I am trying to do is reduce the number of infected machines. I am of the understanding that minimizing user access to the machine will reduce the effect of spyware so that I can just blow away a profile vs. rebuilding the machine. This is what I am trying to accomplish. I am wondering whether or not the Power Users group reduces access to the registry enough so that spyware can only infect the HKey_Current_User and not HKey_LocalMachine >-----Original Message----- >For effective removal of Spyware, AntiSpyware has to be run as an >Administrator. It is still beta and recommend you wait until an Enterprise >solution is available from Microsoft scan networks for Spyware. It is >currently in consideration. In the mean time, the best thing you do is to >have those machines start in safe mode and thoroughly scanned using full >system scan. Scan Options > Full System scan. > >Andre >"Branden Holloway" <anonymous@discussions.microsoft.com> wrote in message >news:16ab01c50250$91c197b0$a501280a@phx.gbl... >> This may be a little off topic, but here goes. Currently, >> on our network, the users are local admins on their >> machines. This has caused a MASSIVE spyware headache for >> the IT staff. I would like to reduce permissions on the >> users machines but some of our poorly written applications >> require Power Users instead of just users. I know that >> Power Users would be better then administrators on the >> local machine, but would I really be able to reduce spyware >> infection this way. >> >> Any information would be greatly appreciated. >> >> Thanks >> >> Branden > > >. > |
|
|
|
24-01-2005, 10:03 PM
|
#4 |
|
Guest
Posts: n/a
|
Re: Which Local Group to use
In any enterprise environment it is not recommended run as either Power User
or Administrator 24-7, it is best to run those machines under a limited user account. Andre "Branden Holloway" <anonymous@discussions.microsoft.com> wrote in message news:16ab01c50250$91c197b0$a501280a@phx.gbl... > This may be a little off topic, but here goes. Currently, > on our network, the users are local admins on their > machines. This has caused a MASSIVE spyware headache for > the IT staff. I would like to reduce permissions on the > users machines but some of our poorly written applications > require Power Users instead of just users. I know that > Power Users would be better then administrators on the > local machine, but would I really be able to reduce spyware > infection this way. > > Any information would be greatly appreciated. > > Thanks > > Branden |
|
|
|
24-01-2005, 10:15 PM
|
#5 |
|
Guest
Posts: n/a
|
Re: Which Local Group to use
I think he knows that as do I but we have applications written by folks who
break the MS rules and REQUIRE the user to be local admin or at a minimum a power user - it's very annoying but the vendors are not being forced to do things right. I would like to blame it on lazy programmers but I am not wearing my flame retardant pjs right now! "Andre Da Costa" <andred25@hotmail.com> wrote in message news:eZzS5CmAFHA.2368@cpmsftngsa05.privatenews.microsoft.com... > In any enterprise environment it is not recommended run as either Power > User or Administrator 24-7, it is best to run those machines under a > limited user account. > > Andre > "Branden Holloway" <anonymous@discussions.microsoft.com> wrote in message > news:16ab01c50250$91c197b0$a501280a@phx.gbl... >> This may be a little off topic, but here goes. Currently, >> on our network, the users are local admins on their >> machines. This has caused a MASSIVE spyware headache for >> the IT staff. I would like to reduce permissions on the >> users machines but some of our poorly written applications >> require Power Users instead of just users. I know that >> Power Users would be better then administrators on the >> local machine, but would I really be able to reduce spyware >> infection this way. >> >> Any information would be greatly appreciated. >> >> Thanks >> >> Branden > > |
|
|
|
24-01-2005, 10:37 PM
|
#6 |
|
Guest
Posts: n/a
|
Re: Which Local Group to use
I think you will see some major changes to that from Microsoft in this
product John. Windows Update Services will probably be the best way for Admin's to ensure that unlimited accounts are protected with Enterprise release of AntiSpyware. Andre "John" <everett.mcgill@remove_this_to_email_me.gmail.com> wrote in message news:etoizJmAFHA.2028@CPMSFTNGSA04.privatenews.microsoft.com... >I think he knows that as do I but we have applications written by folks who >break the MS rules and REQUIRE the user to be local admin or at a minimum a >power user - it's very annoying but the vendors are not being forced to do >things right. I would like to blame it on lazy programmers but I am not >wearing my flame retardant pjs right now! > > > > > "Andre Da Costa" <andred25@hotmail.com> wrote in message > news:eZzS5CmAFHA.2368@cpmsftngsa05.privatenews.microsoft.com... >> In any enterprise environment it is not recommended run as either Power >> User or Administrator 24-7, it is best to run those machines under a >> limited user account. >> >> Andre >> "Branden Holloway" <anonymous@discussions.microsoft.com> wrote in message >> news:16ab01c50250$91c197b0$a501280a@phx.gbl... >>> This may be a little off topic, but here goes. Currently, >>> on our network, the users are local admins on their >>> machines. This has caused a MASSIVE spyware headache for >>> the IT staff. I would like to reduce permissions on the >>> users machines but some of our poorly written applications >>> require Power Users instead of just users. I know that >>> Power Users would be better then administrators on the >>> local machine, but would I really be able to reduce spyware >>> infection this way. >>> >>> Any information would be greatly appreciated. >>> >>> Thanks >>> >>> Branden >> >> > > |
|
|
|
|
| Thread Tools | |
| Rate This Thread | |
|
|
