Solved windows created a new admin account behind my back

[chaosrealm93]

this is so weird.... i went to restart my PC today and came back to seeing 2 accounts on the login screen. this computer has always been mine and i am the only user/admin of the machine.


the "administrator" account is now the "real" admin, in the sense that you cannot delete it, and my account "chris", while also being an admin account, can be deleted.


is there any way to fix this? the only thing i did that was odd was putting the computer to sleep last night over teamviewer, but i dont think it shouldve done anything bad...

 

[NavyLCDR]

Disable the Administrator account:
Built-in Administrator Account - Enable or Disable

 

[chaosrealm93]

Disable the Administrator account:
Built-in Administrator Account - Enable or Disable

thank you so much !

so i guess even when you create only 1 account, its a sort of sub-account...?

 

[Brink]

Usually, the built-in "Administrator" account is disabled by default. This account runs with elevated rights all the time, and has full access to everything.

A normal user account that is an administrator does not run with elevated rights unless you use "Run as administrator" or prompted by UAC to allow something to run elevated. Think of it like a standard account that is able to "Run as administrator" as needed.

 

[Barman58]

Not wishing to worry you, but the hidden administrator appearing without your intervention worries me. It could be something done by someone you know who has access to your system, or it could be something done by some kind of malware

I would advise you perform a deep level /full scan with your Anti-malware just to be sure

 

[Megahertz07]

You wrote on post #1 that you putted the computer to sleep last night over teamviewer.
Teamviewer is a program to allow others to manage your computer from another computer.

Who was on the other computer?
Did you install Teamviewer or only ran it? If installed, did you allow unattended control?

 

[MSClin]

Putting the computer to sleep last night over TeamViewer

What does that mean? TeamViewer was running without anybody connected, or somebody was connected and you just put your computer to sleep while connection was still active? Why you downloaded TeamViewer in the first place?

The account you pointed to appears only by invoking it, meaning that the only possibilities are that somebody tampered with your computer while you wasn't near him, or your computer is infected with some kind of malware/RAT.

 

[chaosrealm93]

Not wishing to worry you, but the hidden administrator appearing without your intervention worries me. It could be something done by someone you know who has access to your system, or it could be something done by some kind of malware

I would advise you perform a deep level /full scan with your Anti-malware just to be sure

You wrote on post #1 that you putted the computer to sleep last night over teamviewer.
Teamviewer is a program to allow others to manage your computer from another computer.

Who was on the other computer?
Did you install Teamviewer or only ran it? If installed, did you allow unattended control?

What does that mean? TeamViewer was running without anybody connected, or somebody was connected and you just put your computer to sleep while connection was still active? Why you downloaded TeamViewer in the first place?

The account you pointed to appears only by invoking it, meaning that the only possibilities are that somebody tampered with your computer while you wasn't near him, or your computer is infected with some kind of malware/RAT.

I will do a deep scan just in case but I think I know what it is.

I was logged in into my desktop using my MacBook just 3 feet away because I was in bed and was too lazy to get up and use the keyboard and mouse the normal way. I put it to sleep using team viewer. but even before this I remember running a similar command to enable the hidden administrator account.

I was having a problem where I could not delete or move a folder and it kept telling me I did not have the administrator rights. I looked it up online and a potential solution told me to enable the hidden administrator account to bypass this so called error message. But this was quite a while ago and when I went to restart my computer yesterday Jesus had completely slipped my mind

I think it is all good in the end but I will do a scan when I have time just to be sure

thanks for all the help !

 

[Barman58]

That appears to be a reason for your issue, if you come across this sort of "you cannot remove this", "you Do not have sufficient Rights to access this" or other such messages, think before you enable the hidden administrator, and in no way should you leave it active when you have used it.

The Hidden administrator is there to allow you to correct errors introduced by malware or the user accidentally.

If you have a file in an area that you do not have access to there are ways to get around this issue, such as right click on Explorer.exe and select to run as administrator, only the explorer.Exe, The "file manager" will be running in a dangerous state, which will work in 95% of cases

If you are running as the hidden administrator your system has no protection against malware, as malware takes the rights of the current user when you are infected. this is not the best idea.

The main reason that I see for users not having enough rights to access or work with some files is that these files are located in areas not meant to be accessed, ( these are the system folders, program files, etc), and they are protected so that a user infected by malware cannot do any damage,

Even a regular administrator has low rights in this area which gives the need for the hidden administrator on rare occasions and as a last resort, unfortunately, some games and program developers think it's 20 years ago and installs user files (settings Etc), in places that have not been correct since the days of windows 95 and XP.

Hopefully you'll take this post as it is meant, It's not meant to scold or bellittle but as a basic explanation of some of the complexities of today's operating systems, All due to the people who write and distribute malware

 

[chaosrealm93]

That appears to be a reason for your issue, if you come across this sort of "you cannot remove this", "you Do not have sufficient Rights to access this" or other such messages, think before you enable the hidden administrator, and in no way should you leave it active when you have used it.

The Hidden administrator is there to allow you to correct errors introduced by malware or the user accidentally.

If you have a file in an area that you do not have access to there are ways to get around this issue, such as right click on Explorer.exe and select to run as administrator, only the explorer.Exe, The "file manager" will be running in a dangerous state, which will work in 95% of cases

If you are running as the hidden administrator your system has no protection against malware, as malware takes the rights of the current user when you are infected. this is not the best idea.

The main reason that I see for users not having enough rights to access or work with some files is that these files are located in areas not meant to be accessed, ( these are the system folders, program files, etc), and they are protected so that a user infected by malware cannot do any damage,

Even a regular administrator has low rights in this area which gives the need for the hidden administrator on rare occasions and as a last resort, unfortunately, some games and program developers think it's 20 years ago and installs user files (settings Etc), in places that have not been correct since the days of windows 95 and XP.

Hopefully you'll take this post as it is meant, It's not meant to scold or bellittle but as a basic explanation of some of the complexities of today's operating systems, All due to the people who write and distribute malware

thabks for the tips and advice!

IIRC, the folder wasnt special, it was just some music or pictures. but once in a blue moon the computer likes to act up and not do what i want lol