<div>
Thanks very much for the response, that's reassuring, just seems a big coincidence that this file arrived in the downloads folder of an account no longer use at the same time as the login activity.
</div>


Thanks very much for the response, that's reassuring, just seems a big coincidence that this file arrived in the downloads folder of an account no longer use at the same time as the login activity.

<div>
<div class="content wysiwyg-content">
Hello experts, I have a client running Server 2012 with 10 client PCs, the Symantec anti virus flagged up a dodgy file this morning, it blocked it but it prompted me to investigate. I found that one of the client PCs shows logon activity using the computername$ account at about the same time as the file was found, and later on the server computername$ account. The system is using a draytek router, which had Remote desktop enabled previously, this has been turned off since January but when I checked the firewall, port 3389 was still enabled. I have disabled that and rebooted the router. I am currently only using VPN as remote access. <br />
So far, all appears OK on the system. My question is regarding the $ accounts, I was aware of them but never used them, can they be used without a password to gain full access, is there anything that can be done to guard against this?
</div>
</div>


Hello experts, I have a client running Server 2012 with 10 client PCs, the Symantec anti virus flagged up a dodgy file this morning, it blocked it but it prompted me to investigate. I found that one of the client PCs shows logon activity using the computername$ account at about the same time as the file was found, and later on the server computername$ account. The system is using a draytek router, which had Remote desktop enabled previously, this has been turned off since January but when I checked the firewall, port 3389 was still enabled. I have disabled that and rebooted the router. I am currently only using VPN as remote access. 
So far, all appears OK on the system. My question is regarding the $ accounts, I was aware of them but never used them, can they be used without a password to gain full access, is there anything that can be done to guard against this?

Computername$ login

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.

Microsoft Server OS

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.