Windows update just added a User to my PC, Do I need 2 plus guest?

BobKoz,
As you have noted - your problem is solved and your computer logs you directly onto your desktop. (This happens by default when Windows see only one enabled account and that account has no password.)

If you have the time and the interest, GokAy will help you try to figure out why this happened. My rambling below are just to try and answer some of the questions that you asked. Some may have already been answered... so I might be repeating stuff:

BobKoz said:

I worked on the extra user issue all day yesterday and so far I have not found a solution.

Computers can sure take up a lot of time :-(

BobKoz said:

I don't believe Malware/Virus caused this unless it was picked up with the 25 Windows updates. I have a lot of protection on my PC (as shown above), but anything is possible! Aso my wife's computer did the same thing after the 25 up-dates, her computer is exactly the same as mine and we are not Network Connected.

As you noted, we are not seeing any other people mention this happening to them.
Wild (and unlikely) guess here:
It could be that your antivirus app prevented some update from doing its thing and the update enabled the built-in admin account to complete the task. (I'm guessing that you and your wife use the same antivirus app.)

BobKoz said:

A new user was created on my PC during the Windows update named "Administrator" (with administrator rights).

As noted elsewhere, the built-in account was enabled, not created. While this is a minor distinction, it would be really scary if a new admin account had been created. As it is, the event is still a mystery, but slightly less scary.

BobKoz said:

....but no-one has reported this issue as happening on their computer as far as I know?

Correct*. You are the first*. Lucky you

*Not that we hear every report of every Windows Update anomaly.

BobKoz said:

I deleted the key in my registry for "Administrator" but it did not delete the User "Admin-Bob", I restored the registry with the backup I made. Maybe I should have deleted the C:\ folder in \Users named "Administrator" but I did not. I also searched my computer for "Admin-Bob" and my registry but did not find it anywhere.
Directions I used to delete registry key: https://support.microsoft.com/en-us/kb/156826

For future reference...
...visit that link again
...scroll near the bottom
...the info on that web page applies to

Applies to

Microsoft Windows Millennium Edition
Microsoft Windows 98 Second Edition
Microsoft Windows 98 Standard Edition
Microsoft Windows 95

While it is good that you made a backup of the key before deleting it, there are registry keys that cannot easily be restored via backup. In this case, you did no harm. It won't hurt to leave the key there or to delete it.

BobKoz said:

GokAy - could not disable Admin account per your link on added user..

This is just FYI: When working with accounts, it is best to restart the computer and log onto your normal account before doing the steps in that tutorial.

BobKoz said:

torchwood - I looked at my System Properties \ User Profiles - (BOBS-PC is name of PC and belongs to a Homegroup - BobsPC is my original user account), I wasn't able to create a screen capture or image but I copied the "User Profiles" results below:

USER PROFILES
Profiles shared on this computer:
----------------------------------------------------------------------------------------
BOBS-PC\Administrator 46.9 MB Local Local 9/12/2015 << Questionable?
BOBS-PC\BobsPC 18.6 MB Local Local 9/12/2015
Default Profile 1.50 MB Local Local 5/20/2015
----------------------------------------------------------------------------------------

I am still looking for assistance with this issue :
The added User Account appeared after Windows Update called "Administrator" (with Administrator rights) - I renamed it "Admin-Bob", which is probably connected to the new folder in my C:\
Drive, in the \Users folder called "Administrator" -- I would like to delete this new added user. GokAy, UsernameIssues, torchwood or any members help is appreciated.

Thank you ,
Bob
See pictures

As has been mentioned: you cannot delete that account. You can (and have) disabled it. If you want, after restarting the computer and logging on with your normal account, you can safely delete that Administrator user folder. You can also leave it there. It really does not matter. About the only impact will be a tiny amount of time added to each full antivirus scan that you do on your computer.

BobKoz said:

torchwood said:

Bob,
what have you got here.
Note shorten name field to get all of last modified date.

Roy

Hello,

torchwood - I looked at my System Properties \ User Profiles - (BOBS-PC is name of PC and belongs to a Homegroup - BobsPC is my original user account), I wasn't able to create a screen capture or image but I copied the "User Profiles" results below:

USER PROFILES
Profiles shared on this computer:
----------------------------------------------------------------------------------------
BOBS-PC\Administrator 46.9 MB Local Local 9/12/2015 << Questionable?
BOBS-PC\BobsPC 18.6 MB Local Local 9/12/2015
Default Profile 1.50 MB Local Local 5/20/2015
----------------------------------------------------------------------------------------

Do you think the one marked "Questionable" is the added User account and deleting it will get rid of the added user?
What worries me is that I'm going to delete part of my original User account or the PC name?
And the Date modified is the date of the Windows update when the added User was created - My original User "BobsPC"' was created back in May?

Thanks,

As mentioned above and elsewhere, you cannot delete the built-in administrator account. I'm repeating this so that I can also add an assurance that deleting the user folder associated with that built-in administrator account will not impact any other account (not that you expressed that specific concern about the user folder).

BobKoz said:

GokAy - your comment:

Administrator is a default built-in admin account, which is by default disabled.
Guest is by default disabled and built in also.
Your own account should be an admin account.

I never saw the built-in Administrator account before the Windows update, so your saying it somehow got enabled?

Do you know of anyway I can rename it back to "Administrator"? I'm pissed that I renamed it "Admin-Bob", because now it won't let me rename it back to "Administrator"..

12 years on WinXP with no issues, this Win7 double administrator thing is kicking me in the butt..

I am pretty sure that XP has the same built-in administrator account. It is also disabled by default. You probably never had a need to use it.

BobKoz said:

GokAy,

netplwiz results:

[X] Users must enter a user name and password to use this computer

Users for this computer:
----------------------------------
Administrator HomeUsers; Administrators
BobsPC HomeUsers; Administrators
HomeGroupUser$ HomeUsers; Administrators

---------------------------------

1) GokAy., I was able to rename the 'Admin-Bob' back to 'Administrator' in netplwiz using properties.

2) I then Hid the built in Administrator using command prompt > net user administrator /active:no

3) Built in Administrator is not displayed in Control Panel/User Accounts anymore (fixed)

4) I tested with a shut down and cold boot and it opens directly into my User Account without any user options


Looks like you fixed all issues GokAy, thanks for all your help :)

Is it a security risk to set user account to Administrator, is it a security risk from Hackers (because no-one else physically touches my PC)?

Sorry for the delay, I wanted to double check everything,
Bob

That is an excellent summary.

I already stated my view on "Is it a security risk to set user account to Administrator"; however, I don't want to discourage you from using the safer Standard account if you want to try it.
You would need to...
...create a user:admin account
(because you don't want to use the built-in:admin account)
...restart the computer
...log onto that new user:admin account
...demote your normal user account to a standard user account
...restart the computer (optional).
Then use your user:standard account for day to day use.

Let me offer an example of one difficulty that you might encounter while using a user:standard account:
We often ask you to do things using an elevated command prompt. If you did option three in this tutorial (SFC /SCANNOW Command - System File Checker), the resulting text file will end up in the desktop folder of the admin account. As long as you know that this is going to happen, then you can deal with it. You can go get the file from there and move it to your desktop.
Or, you could temporarily make your day to day user account an admin account - then change it back once you are done troubleshooting stuff. There are some things that are impossible to do as a standard user. Using "run as administrator" just will not work for some tasks. While this can be frustrating, you can also look at it as an extra measure of safety. This makes it harder for malware to do those things too

BobKoz said:

I'm going to change it to "Standard" until I get more familiar with Win7, big change from XP..

Netplwiz did actually fix all my issues, I've kept a list of all your directions. I'll mark this thread as solved in a little while.

Thanks again for all your help, you know your stuff !

The same advice applies to XP. It was safer to use a non-admin account in XP too.