How exactly does drop my rights work?

Can I use this with my current programs that I have in my sig?

 

http://windows.microsoft.com/en-US/windows-vista/What-is-a-standard-user-account

 

Drop My Rights is normally used from an Admin account. Drop My Rights creates a process using the Admins token, but strips it down the level of a User rather than an Admin. You end up with a program running with reduced rights.

It works in XP, Vista and 7. Don't bother if you use UAC.

Technically it uses CreateProcessAsUser() along with the following:
SaferCreateLevel()
SaferComputeTokenFromLevel()
SaferCloseLevel()

Sul.

 

Good step-by-step:
http://www.techsupportalert.com/safe-surfing.php#c

 

That seems easy ^__^. But if I have UAC turned off 7 gets mad at me. XD

 

I believe UAC does essentially the same thing as DMR. But if you don't mind the prompts from UAC consider creating a limited user account and respond to the prompts with the Admin account. If you don't password protect the admin account you only have to click OK. One advantage is everything will run with reduced rights in the "user" account. Another is some malware install only in the active account and aren't active when you log in with a different account - makes it easy to get rid of them.

 

Ain't the admin account disabled by default in Vista and 7?

 

Not in 7.
after install, the only account created is the Admin account with UAC on.

 

So they've gone back to Xp with 7. Not a wise move from ms

 

well, at least UAC is on.
i think it would be too bothersome for Joe/Jane Average to run under a standard account.

 

What administrator account are you folks talking about? There are two administrator accounts: Built-in Administrator (disabled!) and the administrator account that's created when you install Windows.

The built-in administrator account has more powers than the "normal" administrator account(s), hence being disabled by default.

 

tnx for the info.

i lean something new every day here.