How To **** Your Computer - Like I Nearly Did!

[RDN]

The fact that I am still posting shows that I managed to get back into my PC, but not before visiting the bathroom

So what happened? I downloaded a nice utility that needs "Microsoft .Net Framework 1.1" installed. Fortunately I have a copy on my "Master Utilities" disk, so I installed it.

No problems so far.

The next day when I started the PC, my User Account was displayed on a Welcome Screen and I had to log on by clicking the name. I have no password set on the account.

After a couple of days I got fed up with this, so started investigating how to get logged on automatically, like it used to do before (I didn't realise at the time that "before" was really "before I installed .Net Framework 1.1")

I tried everything and couldn't get the automatic start up to occur. While I was trying different options, I decided to create a password for my normal user account. No problem in that, I thought ()

So I rebooted and was presented with my User Account name on the Welcome Screen. I clicked on it and a box appeared for the password. I entered the password (which was the same as the account name) and... and... a message appeared asking if I'd forgotten my password. <deleted>? I tried several times, went to the bog, tried again, rebooted and tried again. Then I noticed that just after the password entry box was "TH". Does this mean that the language is Thai? Or that I'm supposed to enter my password in Thai? And as there was no Administrator account shown on the Welcome Screen, I thought I was buggered.

As a last resort, I tried booting in SAFE mode. Two accounts were displayed: my normal user account AND the Administrator Account. Thank God. I was in. Changed my normal user account to have NO password and rebooted.

This time on the Welcome Screen a single click on my name let me in.

But there's more...

Then I had another look at the User Accounts in Control Panel and that's when I saw this new account "ASP.NET Machine A...". Searching the Internet gave me this:

What is the ASP.NET Machine Account?

What is this new user account for? What created it?

The aspnet_wp or ASP.NET Machine Account is created when the Microsoft .Net Framework 1.1 is installed onto a Windows XP computer. The user is created to run the asp.net worker process used in Microsoft's Internet Information Services, which allows ASP.net to run on your local web server (This is pretty much its only use, it is not used to run normal .net managed executables). There is not a need to worry about this user's presence; it was not created in malicious way.

Blah, blah, blah....

......This helps to increase security because if there was a breach the worker process is running as a lowly restricted user rather than having administrator privileges on the local machine. The big complaint with there being another user created is that when it is created it will prevent auto logon had there previously only been one user on the computer.

This can easily be corrected on the first version of the .Net Framework v1.1 by ....blah, blah, blah

So this piece of MS <deleted> stops me automatically logging on and all the events that followed to try to get this problem fixed nearly caused me to get permanently locked out of my PC.

I hope this helps someone else who gets the same problem.

[Joey Boy]

If safe mode had'nt helped u coulda also booted to the root, changed the default screen saver to explorer.. restarted and then waited for the screensaver to activate, you may then open utils to change passwords etc

[lunatic69]

You can configure Windows XP to automate the logon process if your computer is not part of a domain.

1.Click Start, click Run, and type control userpasswords2. This is a shortcut instead of having to click on Start -> Control Panel -> User Accounts.

2.Uncheck the "Users must enter a username and password to use this computer" check box.

3.Click Apply.

4.Enter the user name and password you wish to automatically log on with, and then click OK.

5.Click OK again and you're all done.

This feature allows other users to start your computer and use the account that you establish to automatically log on. Enabling auto logon makes your computer more convenient to use, but can pose a security risk since anyone can just turn the machine on and access your files.

[RDN]

......click on Start -> Control Panel -> User Accounts.

2.Uncheck the "Users must enter a username and password to use this computer" check box....

<{POST_SNAPBACK}>

That option does not appear in my "Control Panel / User Accounts"

[francois]

......click on Start -> Control Panel -> User Accounts.

2.Uncheck the "Users must enter a username and password to use this computer" check box....

That option does not appear in my "Control Panel / User Accounts"

right, it's only on a pro version, the command line in windoz is a bit short someway

rdn, now that I know you use tune-up, you should have check this options there too, and enter the new password for autologin

anyway, on the welcome screen, type ctrl+alt+del, and then you can login as an admin

francois

sticky ps: when blocked to enter windoz, type ctrl+alt+del to enter the traditional login screen which allow you to login as "administrator"

Edited November 14, 2005 by francois

[RDN]

right, it's only on a pro version, the command line in windoz is a bit short someway

rdn, now that I know you use tune-up, you should have check this options there too, and enter the new password for autologin

anyway, on the welcome screen, type ctrl+alt+del, and then you can login as an admin

francois

sticky ps: when blocked to enter windoz, type ctrl+alt+del to enter the traditional login screen which allow you to login as "administrator"

<{POST_SNAPBACK}>

Hey francois, I do have the pro version of XP, so I wonder why mine is different?

And can you explain a bit more about what you said here: "you should have check this options there too, and enter the new password for autologin "

I can't find anything in Tuneup Utilities that affects the logon to windows.

Thanks for your help!

[Temp]

And if you ever have a very serious problem like having no password for any accounts take note that there are utilities to remove or change the password.

One is: http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html

A sidenote to this is that it is considered very bad security indeed to have a blank administrator password. If someone finds a service you have running or some kind of weakness that lets them connect via internet to your system they would have full access and every hacker checks for the blank administrator password mistake. To have ok security the account should at least have a password. To have good security the name of the admin account should be changed, the guest account should be disabled and the account of the owner should be in the category users rather than administrators.

Cheers

[RDN]

And if you ever have a very serious problem like having no password for any accounts take note that there are utilities to remove or change the password.

One is: http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html

A sidenote to this is that it is considered very bad security indeed to have a blank administrator password....

<{POST_SNAPBACK}>

Thanks for the link and info - much appreciated. I surely will get my passwords sorted when I have some time and plan what to do - I don't want to be stuck like I nearly was before.

I would like to hear your opinion on software firewalls. I use Zone Alarm Pro. I'm also on dial-up and use GhostSurf to hide my IP. Any thoughts?

[RDN]

OK, so I've taken to heart the recommendation to not have a blank Administrator password, but before I set the password I thought I'd test it on my normal user account.

So I rebooted and at the Welcome screen I hit CTRL-ALT-DEL twice (once does nothing).

I then got the old "Log On to Windows" screen which showed my normal "User Name" and a box next to "Password". I decided to try to log in as Administrator, so I deleted my normal account name and started typing "Administrator". It all came out in Thai!!

I've checked the "Regional and Language Options" in Control Panel and all settings default to English.

So if I can't type in English at the logon screen, I can't set any passwords. &lt;deleted&gt;!

[Temp]

Even your System Locale? I am sorry I can not guide you exactly as to what you need to do because my laptop with XP will be gone for one more week. My guess is that you need to check System Locale(That may have changed name to "Input Locale. Language for Non-Unicode Programs" in XP) though and that this has to be english. Maybe you could try "Left Alt" + Shift first as this is the combination for changing Input Locale once you're logged in. Unfortunately I can't check this because I don't have my laptop with XP back before a week of two.

[Temp]

For the firewall look in the firewall thread. As for GhostSurf it does seem to have a reputation as being a bit buggy. Also what it achieves could be done with free programs.

It would seem it uses SSL to encrypt the communication from your computer for some protocols including http(web) and nntp(news) to some non-transparent anonymizing proxies owned by themselves. The encryption, preventing eavesdropping by your ISP and others is only done when the privacy level is set to secure. While this might be an easy to use package there are many programs that will let you do the other functions of this for free. There are also good ways of hunting down your own anonymizing proxies although subscribing to some might take some of the hazzle out of it. A network such as Tor would be more secure than this and a company like http://www.findnot.com offers more solutions(they seem a bit eager to sell though and I have not tried them.) Another place for encrypted communication is http://www.cotse.com .

The downside to many of the anonymizing providers is that they will not allow you to constantly download like you might if using P2P or downloading large files from newsgroups. Tenebril that offers GhostSurf doesn't mention this with a word. How fast does their service seem and have you been given limitations? In fact they mention very little about many things and I never find such silence reassuring. I do not find it reaauring either that there were very few posts in alt.privacy.anon-server about this software. Google had only 1 in 2003 and 1 in 2004. But I have never tried it so I will not advice too much.

Really there is only one way to remain secure and that is to study, study, study and update update because if not knowing the ins and outs the chance is that you will not be secure because of something you did not think about. (My opinion)

One good place to start:

http://www.panta-rhei.dyndns.org/pantawiki...ndEncryptionFaq

Can also be found on google here:

http://groups.google.com/group/alt.privacy...ho+security+faq

Cheers

[Khutan]

<snip>Hey francois, I do have the pro version of XP, so I wonder why mine is different?<snip>

<{POST_SNAPBACK}>

Like my machines @ home, some are new OEM installs of Pro, others are upgrades from NT, they behave differently

[RDN]

Even your System Locale? I am sorry I can not guide you exactly as to what you need to do because my laptop with XP will be gone for one more week. My guess is that you need to check System Locale(That may have changed name to "Input Locale. Language for Non-Unicode Programs" in XP) though and that this has to be english. Maybe you could try "Left Alt" + Shift first as this is the combination for changing Input Locale once you're logged in. Unfortunately I can't check this because I don't have my laptop with XP back before a week of two.

<{POST_SNAPBACK}>

Excellent post, Temp, and you are dead right about Left Alt-Shift!!

Here's what happened... I did notice that Thai was set as the "Language for Non-Unicode Programs", and set it back to English. But I did that at quite an early stage of this problem - and changing it back to English did NOT stop Thai as being the default input Language at the Logon screen.

BUT, I racked my brain for a while and remembered that I could switch languages using left-Alt Shift after I had logged on, so I tried it at the Logon screen and of course it worked. And if you hit the "Options>>" button at the Logon screen, you can see "TH" and can see it change to "EN" when you hit left-Alt Shift. So you are dead right and thanks very much for this post. Hopefully, someone else with this problem may search the web for a solution and find this thread.

[RDN]

For the firewall look in the firewall thread. As for GhostSurf it does seem to have a reputation as being a bit buggy. Also what it achieves could be done with free programs.....

<{POST_SNAPBACK}>

Yes, it does give me the feeling that it is "flakey". I haven't quite worked out a foolproof way of getting it going - start Internet connection first, start GhostSurf first, or start Firefox first. Once going it's OK, but some days it takes quite a while to sort itself out.

But it's working now. My IP is apparently 207.44.220.36

....The downside to many of the anonymizing providers is that they will not allow you to constantly download like you might if using P2P or downloading large files from newsgroups. Tenebril that offers GhostSurf doesn't mention this with a word. How fast does their service seem and have you been given limitations? ...

<{POST_SNAPBACK}>

Haven't been given any limitations, but I'm listening to Radio Bangkok (RealAudio Stream) and I had to make the connection "Normal" (i.e. no anonymous connection and cookies allowed) for it to work.

I also use Bearshare to get .mp3s, and that would only work if set to "Normal" too.

So GhostSurf is by no means perfect, but it's a start. Thanks for all the other information you've given. I'll start reading!