Getting Rid of Multiple Administrators

From: Alan (tempuser_at_vacationmail.com)
Date: 04/22/05

  • Next message: Colin Nash [MVP]: "Re: User can change folder permissions" 
    Date: Thu, 21 Apr 2005 20:11:43 -0700

    I was cleaning up a friend's PC that had become infected with a
    variety of trojans, malware and viruses. After cleaning all the
    pests, the OS (WIN XP Home SP1) remained corrupted. He was able
    to use the PC but there was no windows update functionality, no
    firewall, inability to execute certain setup files, no antivirus
    program and other little funny things going on. We could not
    execute any firewall or antivirus setup program. User accounts
    said that he had one user (user1) and a guest account that was
    turned off. User1 was the administrator. There was no password
    protection.

    I soon discovered that if one checked user accounts in safe mode,
    there were two administrators. One called User1 and one called
    Administrator. After logging in as the Administrator I then
    discovered that it was various registry settings in the
    Administrator account that were causing the OS anomalies in the
    User1 account.

    I fixed the registry and the User1 account OS was restored. All
    critical updates were installed. Antivirus protection and a
    firewall were installed. An antispyware app is also installed.
    Before upgrading the OS to SP2 I would like to reset the machine
    to one Administrator (User1).

    Interestingly, MBSA reports that there are more than two
    administrators......

    I'm looking for advice on how to do this without jeopardizing a
    machine that is fully functional. Any advice or links to other
    sites are welcome.

  • Next message: Colin Nash [MVP]: "Re: User can change folder permissions"

    Relevant Pages

    • Re: Administrator as Only User ?
      ... Data folder for user1 and there are folders there. ... The standard security practice is to rename the account, set a strong password on it, and use it only to create another account for regular use, reserving the Administrator account as a "back door" in case something corrupts your regular account. ... While using a computer with limited privileges isn't the cure-all, silver bullet that some claim it to be, any experienced IT professional will verify that doing so definitely reduces that amount of damage and depth of penetration by the malware. ...
      (microsoft.public.windowsxp.help_and_support)
    • Re: Group Policy per user
      ... Copy the Registry.pol file that is located in the %Systemroot%\System32\GroupPolicy\User folder to a backup location. ... You can see that the changes that you made in step 3 are not implemented because you have logged on to the computer as an administrator. ... Log in to the computer with the built in Administrator account. ... Copy the NTUSER.DAT files for User1 and User2 to a different folder. ...
      (microsoft.public.windowsxp.security_admin)
    • Re: Environ("username")
      ... The same behaviour you can observe if you create an account as a XP ... account to User2 (via standart tools of XP windows administrator). ... Environalways returns User1 not User2. ...
      (microsoft.public.excel.programming)
    • Xp Home User/Profile priviledges: Administrator ==> Limited ==> Administrator ... Problem
      ... I added a new administor TYPE account (i.e ... so I changed USER1 profile/account back to full ADMINISTRATOR ... priviledges, even though WinXp Home says it does. ...
      (microsoft.public.windowsxp.security_admin)
    • Re: Event 1202 Warnings after Renaming Administrator Acct on SBS2003
      ... policy to rename the account although it is not really necessary or useful. ... Did I check Group Policies for references to the Administrator ... Failed to perform redirection of folder Desktop. ...
      (microsoft.public.windows.server.general)