Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 144
  • Last Modified:

Unknown built in account that was created by a trojan.

Hi,

I have been battling with troy for a couple of weeks now, I'm starting to feel like a real Spartan! I noticed today when running the security baseline analyser that there is an account in the administrators group that I don't recognize. It is dale.chippen(suspicios no?) and the system will not allow me to disable or delete it because it is a member of the built in accounts.

What is going on with that?
0
blairhenry
Asked:
blairhenry
  • 4
  • 2
1 Solution
 
Nirmal SharmaSolution ArchitectCommented:
Are you running Windows Pro or Server? Where do you see this account and in which container ?
0
 
Nirmal SharmaSolution ArchitectCommented:
>>>and the system will not allow me to disable or delete it because it is a member of the built in accounts.

Is this account listed as administrator account?
What is the full name of this account ? it is dale or dale.chippen?

If it is a member of built in account means GROUP and not user. If this is a user then it can be deleted easily using the Reg.exe.

Let me know.

Thanks
SystmProg
0
 
blairhenryAuthor Commented:
I am running Windows 2000 Server for my Active Directory domain master.

The account is shown in a container called hyco/charlottetown which is an organizational unit in our domain.

The full name of the account is Dale Chippen and the user name is dale.chippen.

It seems to have been added as a member of the built in group administrators and I don't know how to remove it from this.
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
blairhenryAuthor Commented:
Well, I am feeling kind of stupid now. My other tech just arrived and tells me that he renamed the original administrator account to this a while back.

I will close the case and award you the points for your response.

Thanks
0
 
Nirmal SharmaSolution ArchitectCommented:
Do you see this account in Builtin container?
Try to remove it from Administrators Groups in Buitlin container and then removing this?
0
 
Nirmal SharmaSolution ArchitectCommented:
(luaghing)
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now