Virus jumped accounts

Status
Not open for further replies.

12dfiopaw

Great
May 3, 2018
20
0
60
I have had very little help in the past when looking this up online with a Google search. Why do certain viruses seem to jump between a standard user account and an administrator account, ending up on both? It was my opinion that separating the two should prevent this; however, that does not seem to be the case. I run 6 PCs at our veterans home and recently had this happen. Eventually I eliminated the virus, but at a cost of a lot of time and effort. At first I tried on the standard user account to run 4 or 5 different virus killer programs with no success. Later I realized that it was on the admin account too. My final solution was to erase the standard account then run all these programs on the administrator account, which allowed me to get rid of it. I have had this question in mind for several years now. Can anyone help?

Update: I believe it is not just one idea but the combined efforts of everyone that has been the solution for this post; however, I will choose one just to say it's complete.
 
A few things that may help in the future. If you can, make sure all the PCs are the same. When new, make a backup of their restore software (DVD and USB). Keep these locked up so they don't walk or get infected. Make sure all of the PCs are using one of the newer antivirus engines (buy a site key for all the PCs). Make sure they're updated daily. Also use an ad blocker and updated browsers. I would also pick up an entry-level net storage device. Use some good backup software to back up users' data. At some point also look at online (cloud) backup. At some point look into virtual Windows software. If the VM gets infected you can delete it and start the user over from a clean VM image. As people want to game with the PCs, have an email and a sign posting your email to add games or third-party software. Set it up so that you can dial into the PC at any time and add the games/programs if they're clean. At some point have a quick coffee and doughnuts meeting with the people using the PCs. Show them how to look out for spoofs/fake emails and web pages. I had to do that for my 80-year-old dad, as he infected his PC more than one time clicking on the first links in Google.
 

12dfiopaw

So only running in the admin account will find and kill a virus on both. Sorry, but this whole subject confuses me: which one to scan from, why some jump and some don't. I have had viruses that are weak enough to eliminate in the standard user account by itself, but suddenly have a nasty one that ends up on both, and it really annoys me when the admin account gets infected when I have not even touched it until there is a virus in the first place. As a standard user they seem not to have any install rights as long as they are a standard user. I do block shady web sites. I had also thought they were not separate, being connected to the operating system; however, them being apart should have some effect. So at this point there is no other way to really protect the admin account where the standard user cannot be allowed to infect it from their account.
 
Do remember that viruses are programs. Written code designed to do things.

Those things may be very passive, very annoying, or very malicious. Code can be written to hide and protect itself in memory or storage. It can copy itself and store the copies in other places. Or copy and steal/transmit your data. Or encrypt it beyond recovery.

Once a virus has gotten onto your computer it is likely to be able to do almost anything. The actual actions depend on the coder's objectives - simple or complex.

Anti-virus code works to identify, stop, and remove whatever the virus code is attempting to do.

So someone writes virus code that grants a standard user selected admin rights perhaps via some "hole" in the OS code. Then those admin rights can be exploited to do even more bad things to the victim computer.

And someone else writes anti-virus code that notices the exploit and stops it. Or at least flags the attempt and warns the end user.

Move and countermove.

Admin rights do give you the power to do many things. Good, bad, or indifferent.

Yet virus code can block admin access or likewise mess with rights for all levels of users.

But you can indeed protect your system or limit the impact from some infection.

The way you protect your computer is by 1) using anti-virus software, 2) keeping that AV software up to date, 3) running regular scans, 4) backup, and 5) backup again. Verify the backups.

Avoiding, detecting, stopping, and removing virus code is going to be (and has been) a continuing effort for all users at all levels.

And keep your recovery disks up to date.


 

12dfiopaw

Man, such a deal. Thanks to both Ralston18 and smorizio, all you guys are very helpful. I think it's important to stress how much I have to continue the upkeep, which I try to do. Something else that makes it very difficult is that the vet home I live in is super cheap on things, so aside from getting the PCs, some are 10 years old and some are only a couple of years old, mostly donated. Everything on them is stuff that is free, so I use Avast antivirus, Malwarebytes scans, Spybot scans, and if things get bad I start using programs that are mentioned in the forums like HitmanPro, RogueKiller, online virus scans, etc., the end result being a reinstall. So does anyone know the kind of viruses that have this capability, or have some knowledge about what kind they are and where to learn about them? It's my feeling that if I can narrow down the type, maybe limiting the scans would be possible, therefore taking way less time. Not trying to be lazy or nothing, just that I always want the best and fastest solution to these kinds of things. I am sure it would be difficult to even scratch the surface of these, but I read somewhere that all these viruses came from an original virus or many different original viruses that are meant for doing different things. The rundown of what has been going on and in the past is that one guy that lives here has psychological issues and will literally go through 300 to 500 web pages within several hours; some of those pages, by the way, are packed with crap. He also looks at porn, so I put K9 Web Protection on the PCs as well. K9 seems to block a lot of the nasty stuff; however, some things get through. I mean, anyone that opens that many pages in that amount of time will press the limits of any antivirus, spyware, or malware programs. He also loves looking at porn, which is not allowed here on a public computer.
For the most part it would not bother me until viruses start getting in and pop-ups on the desktop of women doing different things happen that are visible to staff working here and any family members that show up. To me it seems very selfish, as the other vets need this for many different things like job searches, educational things, family things. In the end though it may not be entirely his fault as, like I said before, he has issues. And finally, having the admin account compromised makes it really difficult to do my job.
 
If you can, see if there are any local non-profits that can donate PC hardware or some local universities that are tossing out end-of-life PCs that may be newer than the ones you have. Make one PC that has VM Windows on it and make an account for the guy that goes through a lot of web pages. When he logs off, have the VM ware clean out what he did in his session so that it won't affect any other user. On the other PCs make sure the browser is up to date and has an ad blocker. On viruses, download a few free virus rescue boot disks. For a lot of the bad viruses, the only way to get them is from a clean boot. Find your local Microsoft training site. There are free classes for end users on how to make free images for PCs. When a new PC comes in, make a new clean image. Put one image on the server so anyone can boot and restore the PC if needed at any time, and one or two copies on USB sticks.
 
In agreement with smorizio.

Also use your router to block unwanted websites.

And if possible, establish Parental Controls and QoS to restrict access.

You mentioned public computers. So if private/personal computers are allowed then maybe you can get someone to donate a computer to him. Then set it up and be ready to recover per smorizio's suggestions.

Between that and some router controls it may become somewhat more manageable and easier to affect recovery/reinstalls when necessary. With much less impact on everyone else including yourself.

Do not envy you the task but keep in mind that overall you are helping people with your efforts.
 
Solution

12dfiopaw

Yes I like the router idea and have dealt with them in the past.

So QoS (quality of service), you're saying routing traffic to restrict access.

I have considered having him get his own and am now thinking that's a good idea, but at the same time our internet provider has shut everyone down over torrent issues, i.e. illegal downloads of movies mainly, many times in the past. Hopefully that's not what he's into. The donations: we have PCs for people, though they are not always the best PCs, but they get the job done.

The impact to others I have discussed with other veterans here as they do not want me to regulate things so much to the point of not being allowed every day actions on the pcs.

I do like all these ideas they are very helpful and I will continue to learn more in depth approach to each of the things everyone has said. Gotta go now I have a migraine and will come back probably tonight and continue with this.
 

12dfiopaw

I just wanted to say me and the vets here are grateful. The better these computers run, the happier they are and the happier I am and the staff. I can say for certain this will have a positive effect, and I will try and implement many of these ideas.

To me a lot of this sounds like layers upon layers of protection, which can have a great impact. It will change how I think about this now and in the future.

I will continue to monitor this thread in case anyone has more input about this subject, and wish you all a happy Father's Day. Thanks, 12dfiopaw.
 