- Aug 19, 2019
- 1,222
Question about installing user-space programs: usually when I install a program, I right-click and choose the forced smartscreen option. This runs the installer with admin privileges. But what if it is meant to install in user space with standard privileges, such as Zoom? Is there a way to know, before trying to install? If I install such a program with forced smartscreen, it goes into the admin account.
Most programs don't install in user-space but I always check "Advanced options" when installing anything new. You can swap over to the Recommended_Strict configuration profile which won't allow user-space executable to run and therefore you'll need manually whitelist them. I had to do that with Discord in versions prior to 5.x when the change was made to allow those by default. Anyway, I would always check where things are being installed via the installer or switch to the strict profile.
From the manual:
" Updating from previous versions. Because of several important changes in version 5.0.1.0, it is recommended (just after update) to load one of the predefined setting profiles or simply apply first the Recommended Settings and next adjust the restrictions. This will properly activate the new features. The whitelisted entries will not be changed, except adjusting the Unrestricted and Disallowed rules for EXE (TMP) and MSI files.
If the user wants to globally allow EXE (TMP) and MSI files, then the profile "Windows_*_Basic_Recommended_Settings.hdc" can be applied (* denotes the Windows version). This setting profile requires an antivirus with strong proactive protection for EXE and MSI files.
If the user wants to block also EXE (TMP) and MSI files in UserSpace, then the profile "Windows_*_Strict_Recommended_Settings.hdc" can be applied. "