This article is for beginners and will show you how to use "user account control" in Windows 7/8/10.

Using UAC properly will protect you from almost every virus that has ever existed, and almost every virus that will be coming your way in the future. Acording to this study, 93% of Windows10 vulnerabilities, and 99% of Office (word/excel/outlook) vulnerabilities were stopped by using UAC properly in 2016.

If you are familiar with the Windows XP "Admin" and "Limited User", Windows 7 and Windows 10 work in a similar way. Windows 7/10 forces you to use a limited account all the time, but makes it VERY easy (almost too easy) to temporarily allow certain programs to run as admin when needed.

The first thing you will need to know is how to recognize the $150 question. Here's what it looks like.


Notice at the top, it says "USER ACCOUNT CONTROL".

Notice how the background is dim. This is the only window that does that.

If you click YES here, it MIGHT cost you $150 for me to fix it!

If you click NO here, I can always fix it for FREE!

The catch? You can't just click NO every time. Sometimes you HAVE to click YES to get things done.

Here's a quick cheat sheet for when you can click YES

On the other hand, you want to click NO in these situations

Get the idea? Now, one last thing to learn. The User Account Control system is able to verify the origins of programs it asks you about. Look in the screen shot above, in the middle, it says "verified publisher". This is important. It means Mozilla Corporation created this program. You can trust Mozilla (they are the people that created Firefox). Mozilla has jumped through a lot of hoops to make this happen for you. It is impossible for anybody else to create a program that makes User Account Control say the verified publisher is Mozilla Corporation.

Here's what it looks like when the publisher is NOT verified.


Notice the middle line just says "Publisher" instead of "Verified Publisher". There is an ORANGE band at the top, where a verified publisher has a BLUE band. The people that created this program did not go through all the trouble to get verified. This doesn't always mean the program is bad. It means you have to consider how much you trust the program you are about to run. Do you trust them enough to return $150 to you if they seen it fall out of your pocket?

Here is an example of a VIRUS that is posing as an adobe flash update. Notice how the top is not blue, it’s orange, and the verified publisher is unknown.

fake flash

You might also notice this window is asking for a password. This is because the user is logged in with a standard user account (as opposed to an admin user account). This is a good thing because it makes the user stop and think before clicking yes. If the correct password is not entered here, clicking YES will do nothing.

If you don't know whether to click YES or NO, you can always click NO, then try again later and click YES. But it doesn't work the other way, you can't click YES then get a second shot. Clicking YES allows the program to instantly make changes to your computer that takes me HOURS to undo.

If you still can't make your mind up, contact me, I don't mind! I answer these questions all the time and never charge people a penny.

In July 2014, I started getting reports of malware asking for UAC repeatedly until the user clicked YES. If this happens to you, don't click YES, just turn your computer off! Turn it back on, and if it is still asking, contact me and I can clean it for free.

NOW you know how to use UAC properly. That's the first part of being able to keep viruses from messing with your programs, but it doesn't protect you from viruses being able to mess with your data. To protect your data, you will need to use another layer of security. That's where SRP (Software Restriction Policies) comes in.

(Before November 2015, I was recommending Advanced User Account Control methods, which still work good, but I like SRP better since its more convenient for the user. No need to have separate work/play accounts or filtered internet or email blocking)