Win 8 Pro Security Issue

Whenever I'm changing security settings for a particular file,  I keep running across these three user names: "named", "Replicator",  and "Anonymous Logon"...are they valid users?  How can I determine who is or is not?  I'm the only user on HP DV7 laptop.
BlkStln51Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
I do not see these names. Please look under Computer, Right Click, Manage, Local Users and Groups, Users.  

Do you see these names you referred to in the Users list?

Are you domain connected and is this from your domain?

Are the files you are selecting Office Documents and did they originate somewhere else?

... Thinkpads_User
0
BlkStln51Author Commented:
They show up in two places...first when I left click properties, then the Security tab.  The other location is when I'm trying to give myself Auditing Authority they appear in the "Advanced" section of "Select User or Groups."  But strangely enough, right after I started making inquiries online, I stopped seeing them in the Security tab.
0
JohnBusiness Consultant (Owner)Commented:
I do not see these names at all.

I wonder (just speculation) if these names were residual from a prior installation of something?  I wonder if you might have logged on with a temporary profile or a Windows 8 email profile and are now logging on normally?

If the names have gone away, then I suggest you just ignore the issue.

.... Thinkpads_User
0
Redefine Your Security with AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

McKnifeCommented:
Open a command prompt and fire the command
net user
->What's the output?

I would not ignore it as there is no real explanation so far. Without needing to become paranoid: if your computer was part of some botnet (so if it were infected and externally controlled), it would not be far fetched for an attacker to use user names that sound somewhat technical in order to avoid being caught.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JohnBusiness Consultant (Owner)Commented:
"net user" is the command form for what I suggested in my first post farther back, but BlkStln51 says the names have disappeared.

... Thinkpads_User
0
McKnifeCommented:
I know you asked him to have a look. But by now he simply wrote, they disappeared on the security tab.
0
BlkStln51Author Commented:
The only name that remains is "named".  The only profile on pc is mine.  I've been out of the country.  Will try "command" suggestion tonite.
0
btanExec ConsultantCommented:
may want to check anyone login into your machine
SysInternal - PsLoggedOn (also looks up user SID and display the username if avail)
@http://technet.microsoft.com/en-us/sysinternals/bb897545.aspx
List usernames and the computer each is logged into. @http://ss64.com/nt/psloggedon_example.html

if "named" is the username, it should have a corresponding SID
@http://pcsupport.about.com/od/registry/ht/find-user-security-identifier.htm

e.g.
Name            SID
Administrator   S-1-5-21-1180699209-877415012-3182924384-500
Guest           S-1-5-21-1180699209-877415012-3182924384-501

sidenote, I was thinking of pipe which is a section of shared memory that processes use for communication. There are two types of pipes: anonymous pipes and named pipes. They can be used to open file and have access...Named Pipe has form of "\\ServerName\pipe\PipeName"
@http://msdn.microsoft.com/en-us/library/windows/desktop/aa365137(v=vs.85).aspx
0
BlkStln51Author Commented:
You were correct about it being a possible infection.  I say this even though my internet security (Avast) and malware (iObit Pro) programs both failed to detect it.  But as soon as I started inquiring about the user names I didn't recognize, they ceased showing up any now.  PC appears to be OK now.  I've gone into my security settings and locking down some items which I had been ignoring in the past.  Thanks.
0
McKnifeCommented:
I wonder what makes you sure. Viruses sometimes use stealth techniques but they would do that from the very first moment they get installed. They would not be able to adjust their behavior to inquiries of users. Very unlikely that it is trying to hide.
You should continue with this question and finally publish the user list.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Security

From novice to tech pro — start learning today.