Appearing and Disppearing User Account


  1. blazah99
    Posts : 3
    Windows 7 Professional 32-bit and a Windows 7 Home Premium 64-bit
       New #1

    Appearing and Disppearing User Account


    Hi, I have a bit of a strange problem. I encountered a user account on my computer which I didn't recognize (SuperDuperstdw36) and because it was logged in an password protected I couldn't delete it. So I shut down my computer, turned it back on, and it wasn't there. I logged into my user account to check to go delete it but it wasn't there, nor was any user directory for it navigating my drive, all of which has me pretty concerned. I'm not sure how to handle this particular problem as it appears nothing is there, but I fear my computer has been hacked. I'm running on a an old dell with win7 professional 32-bit OS.
      My Computer
    Quote Quote

  3. ICIT2LOL
    Posts : 21,004
    Desk1 7 Home Prem / Desk2 10 Pro / Main lap Asus ROG 10 Pro 2 laptop Toshiba 7 Pro Asus P2520 7 & 10
       New #2

    Hello and welcome blazah have you run any security scans on this machine if not try these and delete any rubbish they come up with.


    http://www.superantispyware.com/

    http://www.malwarebytes.org/products/malwarebytes_free/

    http://www.bleepingcomputer.com/download/adwcleaner/

    download from bleeping computer

    also scroll down the the TDSS Killer and run it form here Free Malware Removal Tools
      My Computer
    Quote Quote

  4. AdvancedSetup
    Posts : 61
    Windows 7 Pro x64
       New #3

    If there was a new user created there will be an entry for it in the Registry. There is no way they could wipe all tracks of it in time with you shutting down the computer.

    This Registry key will have a list of accounts
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
      My Computer
    Quote Quote

  6. blazah99
    Posts : 3
    Windows 7 Professional 32-bit and a Windows 7 Home Premium 64-bit
    Thread Starter
       New #4

    I ran the 4 anti-spyware/malware programs and cleaned up what they found. However looking at the registry in the ProfileList I see 6 entries in the profileimagepath. I took a look at my other computer to see compare the differences (Both windows 7, first with prob is a 32bit Professional, second is a 64bit Home Premium) and they are as follows:

    Win7 Professional 32bit;
    %systemroot%\system32\config\systemprofile , C:\Windows\ServiceProfiles\LocalService , C:\Windows\ServiceProfiles\NetworkService , C:\Users\*my account* , C:\Users\*mothers account* , and C:\Users\Administrator .

    Win7 Home Premium 64bit;
    %systemroot%\system32\config\systemprofile , C:\Windows\ServiceProfiles\LocalService , C:\Windows\ServiceProfiles\NetworkService , C:\Users\*my account* , C:\Users\*account the store put on as it was a floor model when purchase* , and C:\Users\DefaultAppPool .

    I exported the ProfileList to a text file because I'm not sure if the other data is relivent or not, however if needed i can dropbox/link the text file here for viewing. I'd also like to completely remove the account the store put on but thats another problem and not critical at the moment.

    Also worth noting is when I went to view the registry on the win7 32bit machine the explorer.exe crashed, which isn't normal, and I'm thinking/wondering if its related. I looked at my event logs and saw their was a few special logins today after I had ran the 4 malware removal software.

    I took the liberty of saving the most recent event logs from Applications, Security, and Audit beginning from the last startup (both table data and detail data) but the text is quite long and I'm not sure if they would be of use. Should I dropbox the event log text files and link them here for viewing?
      My Computer
    Quote Quote

  7. Jacee
    Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       New #5

    I encountered a user account on my computer which I didn't recognize (SuperDuperstdw36) and because it was logged in an password protected I couldn't delete it.
    Windows 7 Home Premium 64bit;
    %systemroot%\system32\config\systemprofile , C:\Windows\ServiceProfiles\LocalService , C:\Windows\ServiceProfiles\NetworkService , C:\Users\*my account* , C:\Users\*account the store put on as it was a floor model when purchase* , and C:\Users\DefaultAppPool


    So in a 'nut-shell' they sold the floor computer to you "as is" and didn't restore the system to it's original settings?
      My Computer
    Quote Quote

  8. blazah99
    Posts : 3
    Windows 7 Professional 32-bit and a Windows 7 Home Premium 64-bit
    Thread Starter
       New #6

    Jacee said:
    I encountered a user account on my computer which I didn't recognize (SuperDuperstdw36) and because it was logged in an password protected I couldn't delete it.
    Windows 7 Home Premium 64bit;
    %systemroot%\system32\config\systemprofile , C:\Windows\ServiceProfiles\LocalService , C:\Windows\ServiceProfiles\NetworkService , C:\Users\*my account* , C:\Users\*account the store put on as it was a floor model when purchase* , and C:\Users\DefaultAppPool


    So in a 'nut-shell' they sold the floor computer to you "as is" and didn't restore the system to it's original settings?
    That would be correct however that is on my other computer (64bit OS), the one that didn't have SuperDuperstdw36 (the 32bit OS) user account. The 64bit OS machine store's account is "Kiosk" which I've known about for some time but been unable to do anything about it as its hidden and password protected.
    Last edited by blazah99; 23 Sep 2013 at 23:21. Reason: missing information
      My Computer
    Quote Quote

 

  Related Discussions
I'm the only user on this laptop and my admin account was called "HybridPC" and I disabled the windows login screen. (Turn computer on and goes right to desktop). One day the welcome screen popped up out of nowhere and I had to login. I tried disabling the login screen to where it was before and...
When I try to log onto my user account I click on it and the computer shuts down, no error message. I can log into the administrator account, it's protected by a password. I have nortons and malwarebytes and have run them both with no malware detected. I also tried system restore but all of my...
hi how can it be? a standar user turns the pc on, goes to her account and turns the general volume down and then turns the pc off i go later turn the pc on , go to my account and i have the volume down too why???????????????????
I have added a new user account to my computer, but for some reason it is not appearing on the logon screen. Help?
I have a Dell XPS 9100 with Windows 7 Prof. I am using the user account made during the initial bootup of the new computer, to make the desired settings and adding software installations. However after I finish with the initial tweaking, I will reduce the account privileges from Administrator to...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 15:53.
Find Us