Re: Information in Computer Management tool

matriloch wrote:
I basically just wanted to know if those NTentries belonged in there.
This is an un-networked PC. No one else should be on it.

From all you wrote, I see no evidence that anyone else is on it.


He's a hacker.

There is no hacker.

So many things have gone wrong that I don't know where to begin.
Right now, when I turn the computer on, I get the screen but without
any icons. I'm unable to turn the computer off normally. I have to
unplug it. When I plug it in again and reboot, I do see the icons.

I often have to open a window twice for it to work. I'll get a blank
screen or an error screen the first time.

None of that necessarily indicates intrusion. More likely hardware problems
or software that isn't behaving properly. More on this further down.

I feel like someone is on the computer with me. It's very slow.
Granted, it's a dial-up connection, but I know from experience that
it's not supposed to be that slow.

Dial-up only makes your internet downloads slow. Nothing else should be
affected by the fact that you use Dial-up.

I'm afraid to put a password on Administrator. I put on an excellent
one, which I tested. I went out for a few hours. When I came back,
the password had been changed. I couldn't reformat the computer. I
couldn't get access to Administrator for almost a year. My son-in-law
finally got rid of the password somehow. (He's a systems
administrator, but they don't live nearby.)

First, how can the lack of a password possibly prevent you from reformatting
the computer? Are you trying to refotmat from *inside* WIndows? That's not
how it's done.

Anyway, those are just more symptoms, pointing even more towards hardware
issues. Like bad RAM or overheating. The password probably didn't get
changed, just corrupted Passwords are stored in the Registry, a set of files
that lives in RAM while Windows is running, and which can easily become
corrupted if RAM is bad, or more likely in your case, if there is
overheating or the RAM isn't properly seated or has corrosion on the
contacts... Or if some other circuit involved is failing intermittently,
though heat, again, is the usual final straw in such cases. Have you put
passwords on any other users? Have you tried making one for the
Administrator again? Since you say you reformat and reinstall a couple of
times a week, it shouldn't be too onerous a task to do a few test runs. Just
because you have something like that happen once doesn't mean you should
avoid it perm,anently. Better to do what's proper, and if it doesn't work,
try again, and maybe once more, until you gather sufficient evidence to
suggest that there truly is a problem and to also suggest what that problem
may be. In Windows, something going wrong once does not a problem make.

When I download updates from Microsoft, he gets in and trashes my
computer. I wish they'd put Service Pack 3 on a disk.

*That* might be partly a matter of using Dial-up. It also, again, suggests
corruption and/or some 3rd-party application interfering with your system. I
suggest you try using a "clean boot" before installing updates. Run MSCONFIG
from the Start>Run box, choose Selective Startup, uncheck the Load Startup
Items, then click on Services tab. Check Hide All Microsoft Services, then
click Disable All. Click OK, and restart when prompted. Note that this
leaves you entirely without AV protection, etc., so *only* go to Windows
Updates while in this state. (Don't worry about further intrusion that
doesn't involve visiting a "bad" site -- if "he" is there, he's there
already and can't do more harm than he already has.)

There's nothing I can do about this obsessed freak, so I have to
learn how to work around him. Basically, I have a Trojan that no
antivirus or antispyware program can find.

If you are getting this behavior on a freshly installed machine, unless you
are somehow reintroducing a virus via CD or floppy, or by running a program
that you'd saved and which is infected, there isn't anything going on except
bad hardware or some software that you introduced post-setup.

As long as I don't try to password Administrator, he gives me access.
I've seen in the log that I shut down the computer while someone was
still working on it. I get the feeling that he's using Windows NT,
because when I reformat, I get a message that another OS is on the
partition and I'll be wiping it off. That, as well as all those NT
entries, leads me to believe that he's using Windows NT.

Have you actually tried giving Administrator a password since that one
incident Again, if it isn't repeatable, it isn't a problem, it's a one-time
anamoly.

The "other OS" that Setup is warning about is the Windows XP installation
that you are replacing by reformatting.

All those Windows NT entries are normal. Windows creates "users" with those
names in order to give certain procedures a virtual identity so that they
have permissions to do certain things. I know this is probably a bit beyond
your comprehension, so please just take my word for it, they're supposed to
be there.

Speaking of your comprehension, my take on your problem is that you *most*
likely have hardware issues, *most* likely overheating, but also possibly
bad RAM or loose connections, or corrosion. Where do you live? Is it warm?
Is there any salt-water nearby?

Here's what I suggest: Reformat our machine using Windows Setup. In fact,
don't just reformat it, DELETE all existing partitions and then create a new
one and format it for the new installation. After Setup finishes, and you've
installed all hardware, set up DUN, etc., install SP2 and then go get all
Critical Windows Updates (but be sure to deselect IE7 for now.) Finally,
install your antivirus solution (out of curiosity, what *is* your AV
solution?)

Run your installation that way for a few days, give the Administrator and
your own User a password, etc. Don't install anything else, yet, though. Do
some internet surfing (but don't install any components from sites that need
them, just avoid going there for now.) Come here and read the messages, or
find a more interesting MS NG, like one or more XP groups. Use Outlook
Express for email and news reading, or get them online. Again, don't install
any other applications.

Come back with a report when you feel like you've given the system a
better-than-decent chance to misbehave. Feel free to report symptoms you
encounter, but be very specific and correct with your terminology (don't
paraphrase Windows, error messages, etc.) If nothing seems to be going
wrong, start installing things, ONE-BY-ONE, tsting for several hours or a
day between each installation. This includes browser helpers like Java,
Flash, Adobe Reader.

I have to say that if my suspicions are true, and this is a hardware matter,
you *really* need to break down and take it to a pro (not some Big Box
computer store -- those aren't pros.) I recommend that you get references
from whatever tech you choose and check out those references thoroughly.



.