Does a Standard windows account protect pc against downloaded rootkits & trojans

broughie

Level 2
Thread author
Verified
Sep 11, 2013
87
Having had a zero access rootkit wreck a previous pc when using an admin account, can a standard account which using now, prevent my MBR & system files being corrupted by a rootkit from a download etc ? Advice appreciated
 

Exterminator

Community Manager
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
It will not matter what type of account you have enabled.UAC set to max and being smart about what emails and attachments you open as well as programs you run and install is really the best prevention.Also keeping Windows and AV programs updated will help in the prevention also.
Both administrator and standard user accounts both run under the security of a standard user .The only difference is an Administrator account allows the user to authorize admin access to the system.
 
  • Like
Reactions: Chromatinfish 123

Chromatinfish 123

Level 21
Verified
May 26, 2014
1,051
If you vow never to download anything you will never get a true trojan.

Firewalls protect against worms.

Malware that sneaks up (aka downloads without your consent) should be blocked by AV.

However, account of any type will not automatically be more protection. If you don't know the password for your admin access then standard account is safe only because you cannot download any software. Schools and business organizations do this so only the IT guys can see whether it is malware or not and enter the passcode.
 

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,457
Quote: " Avecto analyzed data from security bulletins issued by Microsoft throughout 2014, and found that the number of Microsoft vulnerabilities (242) with a critical severity rating increased 65% over the previous year. Furthermore, 80% of all Microsoft vulnerabilities - regardless of severity ranking - could be mitigated by removing admin rights.

The results also revealed that removing admin rights would mitigate 98% of critical vulnerabilities affecting Windows operating systems, 95% of critical vulnerabilities affecting Microsoft Office and 99.5% of vulnerabilities in Internet Explorer. "

Source: Removing admin rights mitigates 97% of critical Microsoft vulnerabilities

Should answer your question and just did on one of my own in another thread about guest accounts.
 
  • Like
Reactions: Chromatinfish 123

Exterminator

Community Manager
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
A standard account will limit what you can do.IMO I would run it as an administrator with UAC set to max and be very vigilant in what you click on and allow.If it is your PC you should be able to enjoy it without limitations you just have to be smart about where you go online,emails with attachments as well as downloading software from the vendor or a reputable download service.
 
  • Like
Reactions: XhenEd

Chromatinfish 123

Level 21
Verified
May 26, 2014
1,051
Quote: " Avecto analyzed data from security bulletins issued by Microsoft throughout 2014, and found that the number of Microsoft vulnerabilities (242) with a critical severity rating increased 65% over the previous year. Furthermore, 80% of all Microsoft vulnerabilities - regardless of severity ranking - could be mitigated by removing admin rights.

The results also revealed that removing admin rights would mitigate 98% of critical vulnerabilities affecting Windows operating systems, 95% of critical vulnerabilities affecting Microsoft Office and 99.5% of vulnerabilities in Internet Explorer. "

Source: Removing admin rights mitigates 97% of critical Microsoft vulnerabilities

Should answer your question and just did on one of my own in another thread about guest accounts.
See even if you are a standard account and downloading software they will require admin privileges (aka sign in as admin and enter password).

And btw that link is for businesses.
 
  • Like
Reactions: Exterminator

Exterminator

Community Manager
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
Quote: " Avecto analyzed data from security bulletins issued by Microsoft throughout 2014, and found that the number of Microsoft vulnerabilities (242) with a critical severity rating increased 65% over the previous year. Furthermore, 80% of all Microsoft vulnerabilities - regardless of severity ranking - could be mitigated by removing admin rights.

The results also revealed that removing admin rights would mitigate 98% of critical vulnerabilities affecting Windows operating systems, 95% of critical vulnerabilities affecting Microsoft Office and 99.5% of vulnerabilities in Internet Explorer. "

Source: Removing admin rights mitigates 97% of critical Microsoft vulnerabilities

Should answer your question and just did on one of my own in another thread about guest accounts.
Like @Chromatinfish 123 said above that article is based on a business running a number of seats not the home user.Why would the home user want to block access to their own settings on their own PC? Of course if you have a family member as a standard user or guest accounts that is fine.The question at hand though is will a standard user account prevent you from becoming infected and the answer to that is no.
 
  • Like
Reactions: XhenEd

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
Broughie- I don't mean to darken your day, but there are many other malware types beside rootkits that are totally unconcerned with what type of Account you are using and what level UAC is set. They will happily infect you in any case.

So don't worry about account type- it isn't worth it.
 

broughie

Level 2
Thread author
Verified
Sep 11, 2013
87
Thanks for responses my question not so much about infections as I have all the security measures advised plus av , mbam pro ,antilogger
ubloc ,UAC max and I also Sandboxie and virus total all downloads & browser at all times etc etc .It is whether a standard account is an extra safeguard against a bad file/download being opened within it (trojan/rootkit within)and AV missing it & it causing critical system changes and potentially wrecking the pc. Lots of "expert" advice on
internet suggest that deleting the standard account after an attack will leave the actual pc system (MBR, system files etc) intact .
I quote from microsoft.com
"Although an administrator account provides complete control over a computer, using a standard account can help make your computer more secure. That way, if other people (or hackers) gain access to your computer while you're logged on, they can't tamper with the computer's security settings"
and quote from howtohaven.com "So why then, you may ask, should you bother to set up and use a standard user account? The general thinking among those security experts is that even though you can still be infected and your data harmed or stolen from a standard user account, the number of possible ways malware can infect your system is fewer in such an account than in an administrator account. Barring bugs in Windows itself, theoretically, the malware cannot do things it traditionally does, like modify your Windows system files"
 
  • Like
Reactions: upnorth

Chromatinfish 123

Level 21
Verified
May 26, 2014
1,051
I quote from microsoft.com
"Although an administrator account provides complete control over a computer, using a standard account can help make your computer more secure. That way, if other people (or hackers) gain access to your computer while you're logged on, they can't tamper with the computer's security settings"
and quote from howtohaven.com "So why then, you may ask, should you bother to set up and use a standard user account? The general thinking among those security experts is that even though you can still be infected and your data harmed or stolen from a standard user account, the number of possible ways malware can infect your system is fewer in such an account than in an administrator account. Barring bugs in Windows itself, theoretically, the malware cannot do things it traditionally does, like modify your Windows system files"

If you give it admin privileges it still can infect your system.

We've had malware in our college before due to dumb IT people allowing students to run programs with admin privileges.

Some programs that are legitimate require admin privileges to run, and even so a rogue trojan can disguise as legitimate program and make you run it on admin privileges.

However, if you don't give it the password it is safer but if you put in your admin password whenever it pops up then no it is the exact same.
 

broughie

Level 2
Thread author
Verified
Sep 11, 2013
87
Thank you so Microsoft & majority of other online advice is correct , running a Standard account for daily pc is a vital extra safeguard in protecting the pc system. I seem to remember Littlebits stating this also .The vast majority of the programs and downloads including practically all my security programs I use, do not require an admin password , only Revo & Spywareblaster do so on my pc .
 

Chromatinfish 123

Level 21
Verified
May 26, 2014
1,051
Thank you so Microsoft & majority of other online advice is correct , running a Standard account for daily pc is a vital extra safeguard in protecting the pc system. I seem to remember Littlebits stating this also .The vast majority of the programs and downloads including practically all my security programs I use, do not require an admin password , only Revo & Spywareblaster do so on my pc .
Ok then Go ahead :)
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Actually if you want really a secure against all the attacks then use Guest Account instead of Administration. But as we speak for Standard Account then you need to rely on combination tools.

One for AV + One for Virtualization to revert any changes done to your system, these days viruses can run normally except from Guest Account so which why always be vigilant on your actions.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top