A few years back I tested various viruses on an XP non-privileged account. None would run. Recently I tried the same thing on Vista Home Edition. Now, many run and drop files in the user's AppData folder, and write into their Run or RunOnce registry entries. Others fail, or generate a UAC popup. Everything seems to die, though, after logging out, and it's quite easy to clean up. I figure I can reduce the impact by changing the permissons on these registry entries so that the user has no write privilege, and malware won't restart at login. I tried changing permissions higher up, on Software, but that caused a few legit programs to fail, while changing the user's root key prevented them logging on at all with a group policy failure. I wondered if there were any other simple suggestions for locking down a user account on Home Premium etc., for someone who is basically an occasional user running built-in or mainstream programs like media player, Firefox, Acroread etc., given they have access to an adninistrator account for installing software, running defrag etc. when they need. (it still pisses me off that Windows 7 won't force - or even in-your-face suggest - purchasers to create a user account, given all the effort that's gone into UAC, NTFS access control etc.) AndrewA.Daviel