This doesn’t make sense. Your problem was running an unpatched five year old operating system without any virus protection, and your conclusion is that all users should run as standard users.
Have you tried running XP as a standard user for an extended period of time? My kids run under a standard user account, and pretty much nothing works. Simple learning games, installed while running as an administrator don’t work, Flash sites don’t work, etc. Sure, a developer can hack their way around it - at a much bigger productivity cost than just running anti-virus - but a “standard user” account just won’t work for standard users.
How about just running an updated, patched operating system?
Glad to see you tried my suggestion for running as admin thought I’m a little disappointed in your “loss of enthusiam” reason for continuing to run as admin. Microsoft also failed to set VB’s Option Strict to On by default in Visual Studio 2005, but that’s no reason not to turn it on yourself. Whether it’s XP or Vista, once you’ve installed it and logged on for the first time, go create a standard user account.
I’ve being developing as non-admin myself under XP and Vista for the past two years with no major complaints. The entire dev team at work has gone non-admin now too. I also setup all my less tech-savvy family and friends with a default non-admin account (in XP) and with a few tips, they can and do work happily with it.
Good topic. Infestation is a good choice of words. I can’t tell you how many times I’ve had to do a total wipe because I ways beyond repair. Fifty percent of preventing a spyware infestation begins with prevention. With proper internet security you are pretty much safe these days. But as you alluded to, a “drive-by” infection from a website can still get you, and flies under the radar. AVG finds a lot of malicious code. I have found that a lot of web servers that are not hosted in the USA are ripe with malicious code. So- a good rule of thumb, avoid ‘strange’ foreign servers. A good reference for this is ( http://www.hostedintheusa.com ) if you dont know where the server you are planning on doing business with or about to “drive-by” is hosted, do a DNS look-up and check it out to avoid a potentially nasty infection. Good luck.