Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Something is attempting to type password into Administrator account logon screen


  • Please log in to reply
No replies to this topic

#1 amn70

amn70

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:12:51 AM

Posted 26 November 2014 - 02:57 PM

Have a customer running Win7 Pro on a peer to peer network. Every Wednesday it seems something is trying to log into the administrator account on his computer when he isn't there. When he comes into the office on Thursday or remotes into the computer via Logmein he sees that the Windows login screen as switched from his user account login icon to the administrator account login icon. Thats not the strangest part though. Something actually has left a few characters typed into the password field. Last week it was 3 characters, this week its one character. He has security cameras in his office and nobody was near his desk at all. The only remote access to his machine is Logmein and I checked the Logmein reports and nobody had accessed his Logmein account at any time during the hours this would have occurred. I thought about program or windows update that cause automatic reboots but even if it had automatically rebooted Windows it wouldn't automatically switch user to the Administrator and certainly there is no way Windows itself would be able to key in characters in a entry field that I have ever heard of. Machine has been checked for malware and virus' and is clean as a whistle. And if someone was using some sort of hidden remote software on the machine why would they be bothered to try and log into the Administrator account when my clients users account has full administrator rights anyway. The whole things is creepy. Any ideas?

 

Thanks,

Adam

 

 



BC AdBot (Login to Remove)

 


m



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users