Removed unauthorize user access!

From: Thanh J (
Date: 12/14/02

From: "Thanh J" <>
Date: Sat, 14 Dec 2002 15:57:51 -0500

I am having problem with unknow user or Ananymous Logon who has changed some
of my previlege ownership in my registry. I wonder if anyone can help me.

My Operating System is Windows XP Home Edition and Personal Fire Wall
( But I am still having Attacker log on my System as Ananymous.

With my curiosity, I download Baseline Security Analyzer from my Microsoft
and test my system to find out any security leak on my system, and the
report tells me there are more than 2 administrators were found on my pc:
X Owner ( which is me)
X S-1-5-21-3242847100-1439906313-590260106-1003 (Unknown)

My question is how can I remove this SID user? This user does not appear in
Control Panel-User Accounts. I also searched through my registry and found
and removed some of this SID was set as SPECIAL/Administrator. But after
Scan through my system again with Baseline Security Analyzer. I still see
the same results before changed registry.

Any advice I would appreciate,