I'm trying to move workstaions in our office to non-admin logons for
better virus protection. Man, what a pain. The complications seem to
be unending. So now I want to verify that it's even worth it. Who
understands how viruses infect well enough to really know (not just
have heard) that not having an admin logon as the normal user logon
actually makes it harder for viruses? None of my stations are logged
on as "Administrator" just as some user that is an admin. And it's a
mix of XP and W7 stations and I _think_ that makes a difference. I
have a vauge idea that under XP if the user is an admin they, or a
virus, can do pretty much anything with no need to give permission. So
maybe on an XP station it's worse. On a W7 station even if they are an
admin level user (and UAC is at default level) you'll get an ask
dialog if a virus wants to install something, I think. But would a
virus infection really trigger a "you don't have permission" message
if on XP a user was not an admin? Would it trigger a UAC confirmation
box in W7? Or do they manage to bypass all that? (I know if a scam can
trick a user into clicking okay all bets are off.)

Thanks