You can make almost any program run just fine without admin privs. Regmon and filemon, or http://blogs.msdn.com/aaron_margosis/archive/2006/08/07/LuaBuglight.aspx
Yes, it takes work, but it can be done. Our desktops have been significantly more stable and 100% infection free since we did the lockdown about 7 years ago. My license compliance is as good as I think can be. On Tue, Sep 1, 2009 at 2:32 PM, John Aldrich <[email protected]>wrote: > Well, that’s all well and good for technical people like you and me, but > for non-technical people, it’s hard to do so… especially when they don’t > have elevated privileges on the domain. J > > > > [image: John-Aldrich][image: Tile-Tools] > > > > *From:* Jon Harris [mailto:[email protected]] > *Sent:* Tuesday, September 01, 2009 1:57 PM > *To:* NT System Admin Issues > *Subject:* Re: MSINFO popping up > > > > Sorry I forgot to add IMNSHO. I don't run as administrator on any box > unless I absolutely need to and only for the task at hand. > > > > Jon > > On Tue, Sep 1, 2009 at 1:55 PM, Jon Harris <[email protected]> wrote: > > He should be running as an User not an Admin. That is what runas is for. > > > > Jon > > On Tue, Sep 1, 2009 at 1:26 PM, John Aldrich <[email protected]> > wrote: > > Good point. That being said, when I ran msinfo32 on my machine, it *looked* > like what was on the user's machine. Next time it happens, I'll try to make > it a point to look at the task manager. > > > -----Original Message----- > From: Kennedy, Jim [mailto:[email protected]] > > Sent: Tuesday, September 01, 2009 1:22 PM > To: NT System Admin Issues > > Subject: RE: MSINFO popping up > > > > Check the process in task manager. Help About could be forged. > > > -----Original Message----- > > From: John Aldrich [mailto:[email protected]] > Sent: Tuesday, September 01, 2009 1:14 PM > To: NT System Admin Issues > > Subject: RE: MSINFO popping up > > Nope. It was an MS System Info window. Or at least that's what "help > ->About" said it was. I don't know. I've never seen it before. > > > > > -----Original Message----- > > From: Steven M. Caesare [mailto:[email protected]] > Sent: Tuesday, September 01, 2009 1:01 PM > To: NT System Admin Issues > > Subject: RE: MSINFO popping up > > No chance it was MSCONFIG? > > If you make changes to your startup behavior via MSCONFIG, by default it > runs again at next boot/logon. > > -sc > > -----Original Message----- > > From: John Aldrich [mailto:[email protected]] > Sent: Tuesday, September 01, 2009 12:39 PM > To: NT System Admin Issues > > Subject: RE: MSINFO popping up > > Well, it was definitely the Microsoft System Information tool... but > what > caused it to pop up, I haven't a clue. Just for giggles I'll go install > MalwareBytes on that machine and make sure it's not infested or > anything. > > > > > -----Original Message----- > From: Kennedy, Jim [mailto:[email protected]] > > Sent: Tuesday, September 01, 2009 12:09 PM > To: NT System Admin Issues > > Subject: RE: MSINFO popping up > > Fire up task manager when it happens. See what the process is. > Msinfo.exe is > a virus/adware usually and msinfo32.exe is part of the OS. > > > > > -----Original Message----- > > From: John Aldrich [mailto:[email protected]] > Sent: Tuesday, September 01, 2009 11:56 AM > To: NT System Admin Issues > > Subject: RE: MSINFO popping up > > User reports that he doesn't recall any consistency in what he was doing > immediately prior to the MSINFO window popping up. > > -----Original Message----- > From: Ben Scott [mailto:[email protected]] > > Sent: Tuesday, September 01, 2009 11:10 AM > To: NT System Admin Issues > Subject: Re: MSINFO popping up > > 2009/9/1 John Aldrich <[email protected]>: > > One of my users has an HP Pavilion laptop ... > > Standard question: What release and edition of Windows, and what > Service > Pack? > > > ... starting to pop up more and more often ... turned out to be > MSINFO. > > I can't even start MSINFO from Start -> Run on my box. I have to > hunt down the icon in the Start Menu. > > What's he doing when/before MSINFO opens? What programs are running > in the background? Check startup items. I seem to recall MSINFO was > introduced as part of MS Office (way back when); maybe check around in > there? > > Do you have good anti-virus? Does the user have admin rights? > > > He says that > > typically, no matter what he does, the laptop shuts down on him > shortly > > after seeing the window pop up. > > Do you have the auto-reboot on STOP feature turned on? If so, that > often translates into "my computer is shutting off" from the users. > > We turn turn this off as part of our standard config. It's one of > Microsoft's dumber ideas, IMNSHO. System Properties -> Advanced tab > -> Startup and Recovery Settings -> "Automatically restart". > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 8.5.409 / Virus Database: 270.13.74/2339 - Release Date: > 09/01/09 > 06:52:00 > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 8.5.409 / Virus Database: 270.13.74/2339 - Release Date: > 09/01/09 > 06:52:00 > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 8.5.409 / Virus Database: 270.13.74/2339 - Release Date: 09/01/09 > 06:52:00 > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 8.5.409 / Virus Database: 270.13.74/2339 - Release Date: 09/01/09 > 06:52:00 > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > > > > > > > No virus found in this incoming message. > Checked by AVG - www.avg.com > Version: 8.5.409 / Virus Database: 270.13.74/2339 - Release Date: 09/01/09 > 06:52:00 > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
<<image001.jpg>>
<<image002.jpg>>
