Mysterious user account appeared in the Administrators group - should I remove it?

I recently noticed that a user account has been done on my computer in the Administrators group.  The account name is a random combination of 12 characters of letters, and I know that I did not. In addition, no one else was using my computer. What is the hidden "Super-Administrator" account or is this a sign that my computer has been hacked?  In other words, should I delete the account?

I am running Vista Business and I recently installed Vista Service Pack 2, but I don't know if this is related.

Also, I searched for an answer on the internet for an hour and found nothing.

Hello

Create a new ADMIN account with the same password 1 - always keep an unused ADMIN account to fix
and test.

Make a Restore Point - delete the account - do another restore point and check the system for malware.

How to create a Vista System Restore Point
http://www.Vistax64.com/tutorials/76332-system-restore-point-create.html

How to make a Vista system restore
http://www.Vistax64.com/tutorials/76905-System-Restore-how.html download malwarebytes and scan with it, run MRT and add Prevx to be sure that he is gone. (If Rootkits run UnHackMe)

Download - SAVE - go to where you put it-right on - click RUN AS ADMIN

Malwarebytes - free
http://www.Malwarebytes.org/

Run the malware removal tool from Microsoft

Start - type in the search box-> find MRT top - right on - click RUN AS ADMIN.

You should get this tool and its updates via Windows updates - if necessary, you can download it here.

Download - SAVE - go to where you put it-right on - click RUN AS ADMIN
(Then run MRT as shown above.)

Microsoft Malicious - 32-bit removal tool
http://www.Microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

Microsoft Malicious removal tool - 64 bit
http://www.Microsoft.com/downloads/details.aspx?FamilyId=585D2BDE-367F-495e-94E7-6349F4EFFC74&displaylang=en

also install Prevx to be sure that it is all gone.

Download - SAVE - go to where you put it-right on - click RUN AS ADMIN

Prevx - Home - free - small, fast, exceptional CLOUD protection, working with other security programs. It comes
a scan only, VERY EFFICIENT, if it finds something to come back here or use Google to see how to remove.
http://www.prevx.com/   <-->
http://info.prevx.com/downloadcsi.asp  <-->

Choice of PCmag editor - Prevx-
http://www.PCMag.com/Article2/0, 2817,2346862,00.asp

--------------------------------------------------------

If necessary here are some free online scanners to help the

http://www.eset.com/onlinescan/

http://www.Kaspersky.com/virusscanner

Other tests free online
http://www.Google.com/search?hl=en&source=HP&q=antivirus+free+online+scan&AQ=f&OQ=&AQI=G1

--------------------------------------------------------

Also do to the General corruption of cleaning and repair/replace damaged/missing system files.

Run DiskCleanup - start - all programs - Accessories - System Tools - Disk Cleanup

Start - type this in the search box-> find COMMAND at the top and RIGHT CLICK – RUN AS ADMIN

Enter this at the command prompt - sfc/scannow

How to analyze the log file entries that the Microsoft Windows Resource Checker (SFC.exe) program
generates in Windows Vista cbs.log
http://support.Microsoft.com/kb/928228

Run checkdisk - schedule it to run at the next startup, then apply OK then restart your way.

How to run the check disk at startup in Vista
http://www.Vistax64.com/tutorials/67612-check-disk-Chkdsk.html

-----------------------------------------------------------------------

If we find Rootkits use this thread and other suggestions. (Run UnHackMe)

http://social.answers.Microsoft.com/forums/en-us/InternetExplorer/thread/a8f665f0-C793-441A-a5b9-54b7e1e7a5a4/

I hope this helps.

Rob - bicycle - Mark Twain said it is good.

Tags: Windows

Similar Questions

  • Difference between built in Admin users and assigned to the Administrators group.

    I'm trying to use a printer on Remote Desktop Services OPOS driver.  My computer is Windows 7 and Server 2008 R2 64-bit.

    If I remote as the built in Admin, driver utility works correctly.  IF I log in as a user assigned to the Admin group I have error claim OPOS.

    I tried to copy the user information in the case where the user data has been corrupted.

    Can you please explain, shed some light on how and why w/Admin user rights do not work on the opos utility.

    The hidden administrator account does not have the UAC filtered token as other accounts admin "a programmer is just a tool that converts the caffeine in code" Deputy CLIP - http://www.winvistaside.de/

  • The permissions of folder/drive Windows 8 will not work with the Administrators group?

    I read through some of the other questions on the etc folder permissions, but don't really know the answer to this question, or I do not understand what has been the response.

    I did a new install of Windows 8 and have a few records that I stored stuff I now want to use it as well with Windows 8.  As with the other threads, I was getting access denied error etc and have not defined administrators group/full control permissions, but I still couldn't access readers, and my connection is type administrators.

    When I take the disk permissions with my local user rather than to the Administrators group, but, it works very well, even if no one else can access the drives.

    I am confused on how I can make this work for administrators rather than my specific user account, thank you very much!

    If you know that you are a member of the ADMINISTRATORS group, then just browse the classic desktop and open Windows EXPLORER (WINDOWS KEY + E). Right CLICK on the C DRIVE, and then choose PROPERTIES. Click the SECURITY TAB, and then click the entry of ADMINISTRATORS (computername\administrators). Verify that the checkbox under ALLOW checked for each entry. If it not to hit EDIT and tick all the boxes ALLOW. Then click OK and OK. Check the settings for the SYSTEM account.

    If the first step does not work, try this step only. If it does not, click ADVANCED on the SECURITY tab. In the PERMISSIONS tab highlight of ADMINISTRATORS, choose CHANGE PERMISSIONS. Ensure that all are checked in the BASIC PERMISSIONS area. The menu is APPLIES to drop down, make sure it is set on this FOLDER, subfolders and FILES. Click OK, OK, and then APPLY.
  • I can't create a new user account (Windows 7): the user profile service service has no logon

    I tried to create a new user account, but I get the following error when I try to open a session with him:

    the user profile service service has no logon

    Until I leave than anything more I will add that I activated the hidden administrator account and this is the account I use to create a new standard user account.

    Most of the patches for this issue are due to the fact that delete manually a user account does not remove the registry key that are associated, and you are required to go to the next section of the registry:

    HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\PROFILELIST

    and delete the key associated with the user account to be deleted.

    This fix IS NOT help, because whenever I try to create a new user, Windows doesn't bother creating a registry key to the new user.  The new user account appears in the account management window.  If I right click ondesktop and select Properties, then the settings , select the Advanced tab and click settingsunder USER PROFILES, the new account appears not here no more.

    It is a huge problem.  I have other people who use this laptop and I don't want to use my login information, or the guest account.  I'm not editing the registry just to make a new account.

    Please tell me there is a fix for this that works.  Windows 7 was not free, and this kind of problem is very frustrating for the premium software.

    Thanks - this is the only tip that help me to find the solution to this problem.

    Two files in the folder C:\Users\Default\AppData\Local\Microsoft\Windows Live could not be copied without administrator privileges.  This caused the connection in the attempt fail for all newly created user accounts.  The files are:

    C:\Users\Default\AppData\Local\Microsoft\Windows Live\Bici\Bici1_00.sqm

    and

    C:\Users\Default\AppData\Local\Microsoft\Windows Live\SqmApi\SqmData720896_00.sqm

    I've added the read permission for all users in these two files and retried the logon.  The opening of session proceeded set up initial user and filled perfectly.  Probably, this problem started when I installed Windows Live Messenger which is the only Windows Live application, I installed.

    Other important in your message board was to check the event log which stressed the two files which could not copy.  Otherwise provided in WARNING messages immediately preceded files event log error message indicates that the profile service could not connect.

  • Need help with my doen't account appear on the list of the user accounts our users

    On my computer at school the guy tech somehow set up an account on my computer remotely somehow so I could access the school's network. in any case said account has almost no privleges (I can't even shut down my computer with it for the love of God), but when I go to my user accounts to change the properties of it, it does not appear as an account on my computer.

    So my question is how do I get this account appears on the list of user accounts, either they have admin privlages.

    Hello

    As a COMPUTER service there will be controls on the system settings, you may not access or bypass.
    So the only real option is to contact the computer SCIENCE Department and get them to increase your access to the necessary level
    for your tasks. Rob - bicycle - Mark Twain said it is good.

  • To restart, a fictitious user account appears. I remove it in the (add or remove user account) article, but upon reboot, it is always

    * O.T. > fictitious user account deletion

    I have windows 7, on reboot, a fictitious user account appears.  I remove it in the (add or remove user account) article, but upon reboot, it is always.  How can I remove it permanently?

    Hi Ewa,

    I imagine the inconvenience that you are experiencing and will certainly help you in the right direction to solve the problem. However, I would be grateful if you could answer a few questions to refine the question in order to provide you with better assistance.

    1. You created this account, or he came to his own?
    2. You share this computer with another person?
    3. You did it all change important before the show?

    If this user account is not created by you, then it might be the virus/malware. So, I suggest you run a full scan using the Microsoft Safety Scanner (MSS) to ensure that the computer is virus-free.

    The Microsoft Safety Scanner free is a downloadable security tool that allows analysis at the application and helps remove viruses, spyware and other malicious software. It works with your current antivirus software.

    http://www.Microsoft.com/security/scanner/en-us/default.aspx

     

    Note: The Microsoft Safety Scanner ends 10 days after being downloaded. To restart a scan with the latest definitions of anti-malware, download and run the Microsoft Safety Scanner again.

     

    Note: The data files that are infected must be cleaned only by removing the file completely, which means that there is a risk of data loss.

    Get back to us with all the necessary information and the result of the proposed suggestion. We will be happy to help you further.

    Kind regards

  • My user is a member of the Administrators group, but I got ACCESS DENIED with some files?

    My user is a member of the Administrators group, but I got ACCESS DENIED with some files?

    I know the meaning of the trace, I did not sense trace in this sentence! Once again, I don't undrestand why a user as an administrator cannot access anythings?

    Administrators can access anything, but they often need to take ownership of a file or folder to open it. By examining the details of the property, the owner can easily say that an administrator has reviewed his file or folder.

  • How to set a user account to have the same settings as the administrator account

    How to configure a user account to have the same settings as the administrator account. using windows xp pro with service pack 3

    Set the "parameters of same.

    If you want that the user has administrator privileges, then all you need to do is to add the user to the group "Administrators".  To do this, right-click on 'My computer', select 'Manage' and open the "local users and groups" section.  Click on 'Groups', double click on "Administrators" and add the user to the administrator group.

    If you set 'settings' and things like wallpaper and other preferences, there isn't a way to do that easily other than to simply set these parameters.

    Hope this helps,
    JW

  • Only windows 7 can set the image of the user that appears in the start menu you can not change it. True or false?

    Is true or false. Only windows 7 can set the image of the user that appears in the start menu you can not change it.

    Set to false.

    Type the user accounts in the start search box.

    Press ENTER.

    Select change your image.

    Browse the picture than what you want.

  • "To install the software, you must log on as a member of the Administrators group" when you try to install the printer software

    Original title: Installation software error

    I am trying to install a wireless printer Canon on my new laptop Dell with Windows 8 but I get error: to install the software, you must log on as a member of the Administrators group.  I'm naïve - I'm the only person who uses this laptop and have used the one and the only password for the connection.

    Solution... for me at least:

    (First of all, copy the installer to a flash drive)  I use Windows 7 Enterprise and have tried many combinations to run the installation program. The bit end who works is to restart the computer, connect to the machine as an administrator or another local user on the computer that is part of the local Administrators group, THEN Rclick Installer and run as administrator.

  • I can't access my user account even if the password is correct.

    I was not able to access my user account even if the password is correct. It happened to our 2 admin represents, so now we only use the guest user account.

    Hello

    Something must have corrupted these accounts.

    You can try to fix it with Safe Mode - repeatedly press F8 as you bootup. The ADMIN account in trunk
    Mode has no default password (unless someone has changed the password so it should be available).

    These problems and similar bugs can help:

    A temporary profile is loaded after you connect to a Windows Vista-based system
    http://support.Microsoft.com/kb/947242

    How to fix error "your user profile was not loaded correctly! You have been connected with a
    temporary profile. "in Vista
    http://www.Vistax64.com/tutorials/135858-user-profile-error-logged-temporary-profile.html

    Some programs such as the updated Google (if you added the toolbar Google, Chrome or Google Earth)
    has been known to cause this problem.

    How to fix error "the user profile Service has no logon. User profile cannot be loaded. »
    http://www.Vistax64.com/tutorials/130095-user-profile-service-failed-logon-user-profile-cannot-loaded.html

    Try these to erase corruption in the case where it plays a role.

    1. run DiskCleanup - start - all programs - Accessories - System Tools - Disk Cleanup

    2. start - type in the search - box COMMAND find top - RIGHT CLICK – RUN AS ADMIN

    sfc/scannow

    How to analyze the log file entries that the Microsoft Windows Resource Checker (SFC.exe) program
    generates in Windows Vista cbs.log
    http://support.Microsoft.com/kb/928228

    3. then run checkdisk - schedule it to run at next boot, then apply OK your way out, then restart.

    How to run the check disk at startup in Vista
    http://www.Vistax64.com/tutorials/67612-check-disk-Chkdsk.html

    -----------------------------------------------

    Other methods:

    Use the hidden administrator account to lower your user account (to the lowest level) APPLY/OK then go back
    and reset it to the Admin APPLY/OK - this clearly allows corruption. Do this several times. Do the same for others
    accounts that may be difficult. If necessary you can also reset your password in the accounts.
    Do not forget to leave your Admin account and the other to the desired level.

    Make another Admin account with your password and use it to fix the others if necessary. (just for
    repair, don't use regular account, not a safety valve) always keep a spare ADMIN account.

    DO NOT LEAVE THE ENABLED LSA OR USE DAILY. If it corrupts you are toast!

    How to enable or disable the real built-in Administrator account in Vista
    http://www.Vistax64.com/tutorials/67567-administrator-account.html

    You can run the Admin account hidden from the prompt by if necessary.

    This tells you how to access the System Recovery Options and/or a Vista DVD
    http://windowshelp.Microsoft.com/Windows/en-us/help/326b756b-1601-435e-99D0-1585439470351033.mspx

    If you cannot access your old account, you can still use an Admin to migrate to another (do not forget to always
    not that an Admin account that is not used except for testing and difficulty).

    Difficulty of a corrupted user profile
    http://windowshelp.Microsoft.com/Windows/en-AU/help/769495bf-035C-4764-A538-c9b05c22001e1033.mspx

    I hope this helps.

    Rob Brown - MS MVP - Windows Desktop Experience: Bike - Mark Twain said it right.

  • Standard user account cannot access the programs installed by administrators account

    I have a new Windows 7 computer. I installed various programs using the Administrators account, and then I created a Standard user account. When I login as a user standard I can't see all installed programs. Some are, some are not aware that I have nothing differently when I installed each program. I deleted the first standard user account and created a new standard user but still don't see not all installed programs.

    Thank you

    Claire

    When you have installed programs, perhaps you have chosen to install just for the first user. In all cases, you can put shortcuts to programs in the Menus to start other users.

    Right click on the "All programs" button from the Start Menu and choose 'Open' to get user-specific Start Menu folder. Choose "Open All Users" to download the file of the start - the system-wide Menu.

    %Appdata%\Microsoft\Windows\Start Menu folder or user-specific and
    C:\ProgramData\Microsoft\Windows\Start Menu for all users.

    Then just copy the shortcut icons, as you wish.

    By the way, I always install programs from the Standard user account, providing the password/OK to the UAC prompt. Even if of course you want an administrative user established (and always run as standard for your daily work), almost never, you need to log on to the administrative account.

    MS - MVP - Elephant Boy computers - don't panic!

  • AAA GANYMEDE + accounting - CLI question by user not appear in the report of the ACS.

    Can I know why CLI cancelled by the user does not show on GANYMEDE ACS accounting report. The length of time is displayed, but I also wanted to connect what is the commands issued by the user.

    WHA is missing here?

    enable AAA authentication login VTY P1_ACS local group

    Group default AAA authorization exec local P1_ACS authenticated by FIS

    AAA authorization exec CONSOLE none

    AAA exec by default start-stop accounting P1_ACS group

    AAA commands 5 default start-stop accounting P1_ACS group

    AAA commands 15 arrhythmic default accounting P1_ACS group

    Accounting logs command is stroed in the newspapers of the administration of Ganymede.

    There is also a known issue on ver 4.1.1 and we must

    apply the ACS 4.1.1.23.5 patch to fix the problem.

    Patch for the unit is available on

    http://www.Cisco.com/cgi-bin/tablebuild.pl/ACS-Soleng-3DES

    The patch name: ACS SE 4.1.1.23.5 rollup

    Acs hotfix for windows is available on

    http://www.Cisco.com/cgi-bin/tablebuild.pl/ACS-win-3DES

    The patch name: ACS 4.1.1.23.5 rollup

    CCIE Security

  • Printers under the original user have the printer properties grayed out for new users, even if they are members of the Administrators group

    Windows 7 Pro 64 bit (and 32-bit) Setup on the domain.
    The domain users group is added to the local Administrators group.
    Printers are installed under the first domain user.  These aren't the printers shared, but local usb printers or printers attached to the tcpip port and driver installed.
    All right.
    Users in the second domain is connected to the computer.  They are part of the local Administrators group, because they are part of the domain users group.
    They're going to look at the properties of the printer and almost everything is grayed out.
    Why?  Because they are part of the local Administrators group, they should not have full access?
    I look at security for printers and I don't see the first person in the list because it was created with their profile, but I also see local administrators that this new user belongs to a group.  Now I can take everyone and increase the rights and then log in as a new person and they can then change the properties, but why can't new users "who are admins the" does not alter the properties?
    Thanks in advance for your help.

    Hi Gsaunders,

    If the computer is connected to the domain network then the question you posted would be better suited in the TechNet Forums. I would recommend posting your query in the TechNet Forums.

    http://social.technet.Microsoft.com/forums/Windows/en-us/home?category=w7itpro&filter=AllTypes&sort=lastpostdesc

    It will be useful.

  • How to restore user account missing when the connection after that power outage occurred?

    Windows XP Media Center edition PC was carried out at the time of the power failure, which lasted about 2 hours.  When turned back on, it was missing the user account on the XP login screen.  However, after logging another user, all the files seem to be present, but the system restore will return to another point, and the same username cannot be recreated (it says it is already used).  How can the user be restored?  Thank you!

    I fixed it!  I copied a solution to another user in the forum:

    1. click on the Start button.
    2. go to control panel and choose switch to Classic view (if not to this point of view).
    3. double-click on Administrative Tools.
    4. double-click on computer management.
    5. on the left, click area to expand local users and groups.

    6. click on groups.

    7 double-click on administrators.

    8. click the Add button to add the user missing to the list.

    It restored the user to the logon screen.

Maybe you are looking for