User Accounts

[Old Salty Frog]

I'm a winXP Pro SP2 user and no one else uses this machine
(except the back-door users, hackers, etc of course) except me. I've
set up 2 accounts:
The administrator
Myself

Somehow a hacker got in and created a new adminstrator
account. My Administrator and the Myself accounts still
worked and can still access them with my passwords, but
I could no longer access the newly created Administrator
account since I didn't have the password for it. So o o
I FDisked, Formatted my system and re-install WinXP
Pro SP2 then created my two new accounts again.

Now, after experiencing this glich, I would like to remove
the <Create a new account> and < Guest Account> so
that no one else can f.--k my system again.

Now that I have set up these two accounts again, I DO
NOT WANT any one to create a new account via the
keyboard or the back door. Can this be done?

 

[Rick \Nutcase\ Rogers]

Hi,

You cannot remove either. You will need to better safeguard your system.
Turn on your firewall, do not turn it off for any reason. Use strong
passwords on both accounts - those that contain numbers and characters in
addition to letters - they are harder to guess or decipher. Avoid file
sharing software, as these invariably setup a server on your system for
other users to access files that are being shared. These often run even when
you are not using the software and are a major route into your system for
someone who wants to get in.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org

 

[Old Salty Frog]

Hi Nutcase

I was kindda hoping it could be done.

Although I have set up the Administrator and My Accounts
with convoluted passwords, he/she/they got through. They
entered after I installed various set-ups with TWEAKUI. In the
<logon> I hid the <My account> in the Administrative
Account and done vise versa in the My account.

This way, at boot time I only see one account. I must run
TWEAKUI to change the logon set up to see the second
account. So I have a TWEAKUI set up in each of these
accounts in case I screw up. This way, I can change the
setting from one account to the next so that the at next boot
up time, I can select the account that I want to log on and
make all the modifications that I want at the next boot. I am
also running a firewall with WinXP Pro SP2, I also have a
firewall set up on my DI-704P D-Link router which connects
to my wife computer (never had a problem with hers). I also
installed the AVG antivirus PRO v7 on the Administrator
Account.and I don't have a single file in the <Share Folders>
on either accounts. Again, thanks to TWEAKUI. As a
matter of facts I've set up the wife computer the same way
than mine.

On both accounts of both computers if you go to the start
botton you won't see shortcuts for documents, for help, for
pictures and for videos. I also removed the shortcuts for
the TWEAKUI and the AVG antivirus. The shortcuts for
these two utilities are well hidden under a different name
in the entrails of the system. How do the hacker(s) get(s) in.
to screw up my system and create an account that I did not
have the password to remove.

I also know that Microsoft comes in the back door in the
middle of the night to check my system and install the new
updates. I have no problem with that since I have set up my
update to run in the middle of the night and they should be
able to go through my firewalls since they wrote windows,
but how do others get in?

Gill

 

[Rick \Nutcase\ Rogers]

Hi,

No idea how they got in, but, passworded or not, you should have been able
to remove it using the system default administrator or any other admin
account. You would also be able to reset the password, take ownership of the
user profile, etc., so you should not have had to format and reinstall.
Remember, in order to create a new admin account, they had to get into the
system via one of the existing admin accounts.

--
Best of Luck,

Rick Rogers, aka "Nutcase" - Microsoft MVP

Associate Expert - WindowsXP Expert Zone

Windows help - www.rickrogers.org

 

[Old Salty Frog]

Hi
That's right, I could not be deleted using my system default adminis-
trator or my real admin account . That sucks, and that when I
realized that I no longer controlled my computer and therefore
FDisked and Formatted the drive and reinstalled everything..

Thanks a lot Rick and maybe from my experience the programers
at Microsoft will offer a solution in the next win version.

Gill