Archived from groups: microsoft.public.windowsxp.security_admin (More info?)
I was cleaning up a friend's PC that had become infected with a
variety of trojans, malware and viruses. After cleaning all the
pests, the OS (WIN XP Home SP1) remained corrupted. He was able
to use the PC but there was no windows update functionality, no
firewall, inability to execute certain setup files, no antivirus
program and other little funny things going on. We could not
execute any firewall or antivirus setup program. User accounts
said that he had one user (user1) and a guest account that was
turned off. User1 was the administrator. There was no password
protection.
I soon discovered that if one checked user accounts in safe mode,
there were two administrators. One called User1 and one called
Administrator. After logging in as the Administrator I then
discovered that it was various registry settings in the
Administrator account that were causing the OS anomalies in the
User1 account.
I fixed the registry and the User1 account OS was restored. All
critical updates were installed. Antivirus protection and a
firewall were installed. An antispyware app is also installed.
Before upgrading the OS to SP2 I would like to reset the machine
to one Administrator (User1).
Interestingly, MBSA reports that there are more than two
administrators......
I'm looking for advice on how to do this without jeopardizing a
machine that is fully functional. Any advice or links to other
sites are welcome.
I was cleaning up a friend's PC that had become infected with a
variety of trojans, malware and viruses. After cleaning all the
pests, the OS (WIN XP Home SP1) remained corrupted. He was able
to use the PC but there was no windows update functionality, no
firewall, inability to execute certain setup files, no antivirus
program and other little funny things going on. We could not
execute any firewall or antivirus setup program. User accounts
said that he had one user (user1) and a guest account that was
turned off. User1 was the administrator. There was no password
protection.
I soon discovered that if one checked user accounts in safe mode,
there were two administrators. One called User1 and one called
Administrator. After logging in as the Administrator I then
discovered that it was various registry settings in the
Administrator account that were causing the OS anomalies in the
User1 account.
I fixed the registry and the User1 account OS was restored. All
critical updates were installed. Antivirus protection and a
firewall were installed. An antispyware app is also installed.
Before upgrading the OS to SP2 I would like to reset the machine
to one Administrator (User1).
Interestingly, MBSA reports that there are more than two
administrators......
I'm looking for advice on how to do this without jeopardizing a
machine that is fully functional. Any advice or links to other
sites are welcome.