Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Administrator Account has just appeared (without my help) . . .


  • Please log in to reply
5 replies to this topic

#1 Taffy_078

Taffy_078

  • Members
  • 82 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:30 PM

Posted 12 January 2016 - 05:09 AM

. . . in my Win7 -> Win10 laptop after the MS Free Upgrade.

 

I did what I thought was the logical thing and posted in the Microsoft Community here

 

http://answers.microsoft.com/en-us/windows/forum/windows_10-security/administrator-account-has-just-appeared-without-my/b91ffe7b-354c-40a9-94ab-7a1b96b4fccf

 

I understand that one mustn't ask for advice in more than one forum [although I'm tempted - the response there has been like watching paint dry] but I will wait for their response about how to remove this new UA.

 

But as I may have a serious security problem I hope that I can create this thread to concentrate on that.

 

On my Start-up list appears lgfxtray. There's no Publisher shown and I can't open "Open File Location" nor "Properties" in Task Manager as they're greyed out.

 

I don't remember seeing this program before but I may be wrong.

 

Some searches on the web say it's a Microsoft start-up program and is OK but this says it a security threat;

 

http://whatisprocess.com/lgfxtray-exe/5596/

 

I've scanned with Norton IS, SuperAntiSpyware and MBAM - nothing was found.

 

Are there any further steps I can take to check it out? Thank you.

 

PS I found an old thread in Microsoft Community with a similar tale on a Win7 & its creator later added that his bank account was subsequently cleared out!


Edited by Taffy_078, 12 January 2016 - 05:11 AM.


BC AdBot (Login to Remove)

 


#2 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,968 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:10:30 PM

Posted 12 January 2016 - 05:35 AM

Hi,

 

The lgfxtray is a legit program related with Intel Graphics.

 

The Administrator account exists on all Windows versions and can't be removed, in some Windows versions the account is usually hidden but it can be enabled. That was what happened in your case for some reason.

 

To disable/hide the account try this:

 

Press windows8_key.png + X and click Open Command Prompt (Admin)
type:

net user administrator /active:no

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#3 Taffy_078

Taffy_078
  • Topic Starter

  • Members
  • 82 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:30 PM

Posted 12 January 2016 - 07:21 AM

SleepyDude, on 12 Jan 2016 - 10:35 AM, said:

 

Hi,

 

The lgfxtray is a legit program related with Intel Graphics.

 

The Administrator account exists on all Windows versions and can't be removed, in some Windows versions the account is usually hidden but it can be enabled. That was what happened in your case for some reason.

 

To disable/hide the account try this:

 

Press windows8_key.png + X and click Open Command Prompt (Admin)
type:

net user administrator /active:no

Hi Sleepy Dude. It worked immediately! I'm so relieved. Thanks again.

 

PS It's no wonder you're sleepy - we've been visiting the Algarve twice a year (more when we can afford it!) for twenty years. We stay in a fabulous family hotel Vila Petra and we're so relaxed when we're there!



#4 Taffy_078

Taffy_078
  • Topic Starter

  • Members
  • 82 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:30 PM

Posted 12 January 2016 - 07:56 AM

Er - I might have caused a problem, SleepyDude. Thinking that the new Administrator UA might have been a nasty, and so anxious to stop my bank account being robbed of its overdraft, I thought of a temporary workaround - I created a password for it.

 

It was made up of an offensive swearword + Microsoft + my DOB.

 

When I later tried to open it, it kept rejecting my password but I know it was right.

 

Could it be that no-one is allowed to open that UA? And do you think I've screwed it up (a technical term) by make it password-protected?



#5 Taffy_078

Taffy_078
  • Topic Starter

  • Members
  • 82 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:30 PM

Posted 12 January 2016 - 08:11 AM

PS When I went to sign out of the UA I was using I saw that the Administrator UA is still showing on that list. It's NOT showing in the Settings ->  Accounts -> family etc list though. 

 

The reason it's still showing in the sign out area is because that UA is still logged in. I can't access it to log it out and I can't reset its password as I didn't create a stick with passwords. (I didn't know that was possible.)

 

Is there any other way that I can change its password and then make it NOT password protected, please? 


Edited by Taffy_078, 12 January 2016 - 08:12 AM.


#6 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,968 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:10:30 PM

Posted 12 January 2016 - 09:26 AM

I'm not exactly sure where you see the account now. Restart the computer and if you continue to see it please post a screenshot.

 

If you press Windows + X again and click Computer Management

 

do you see Local Users and Groups on the tree?

 

 

PS It's no wonder you're sleepy - we've been visiting the Algarve twice a year (more when we can afford it!) for twenty years. We stay in a fabulous family hotel Vila Petra and we're so relaxed when we're there!

 

Algarve is nice but it's a bit hot for me in the summer I prefer the Central Region of Portugal.


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users