Well you've given me lots of good info and I appreciate it.

I inherited this particular facility and it is a loose arrangement.
Fortunately I haven't run into anything like updating java and
something doesn't work, or a print driver that messes up the others.
Most of the users are either fairly savvy or so scared of anything
unusual that when the anti-virus pops up a message that it needs to
update itself the get worried and call me.

The gottchas of non-admin have been many and time consuming. An Access
run time that won't run as non-admin (I think because it has to access
a back end, still sorting that one out). A user's outlook couldn't
open their PST because I'd made the mistake of moving it into place as
admin, so it had admin ownership. A backup program that needed "run
as" established in three different places. The same program shows as
being in demo mode and about to run out if I don't register it. Etc.,
etc.

So I'm back to my main questions. In XP if a logon is non-admin, there
is no UAC question, does a virus trigger a "you don't have permission"
message? Or they go ahead and get infected but only their user area
(as you implied)? If it's W7 and they get a UAC question at an odd
time, when they haven't attempted to install anything, if they don't
okay it (or give admin logon and address) then the virus can't do
anything? Or do viruses manage to infect anyway. I realize of course
there are all types, which is part of what makes me wonder. Are some
common ones smart enough to get around all this, or is non-admin (if
the user doesn't okay anything) really going to block, or at least
limit it (on XP) to the user area. If that's REALLY the case then it
may be worth the pain. If not it's not.

Thanks

On Mar 24, 8:48*am, "Shenan Stanley" wrote:
njem wrote: