Program created 9,000 usernames

I was browsing a game forum when I decided to download something. People had been virus checking it and it looked legit.

Very shortly after the post was shut down, and it was discovered the program was creating some bad problems.

Everything seemed fine, until someone told me about one of the problems. I pulled up the control panel to find that the program has created 9,000 usernames for windows.

Performance is fine, everything seems good, but can this create a problem? I've already set up a system restore point in case anything really bad happens.

It is possible to manually delete them, but I can only find a way to do one at a time. It takes approximately 10 seconds for each to fully delete and disappear from the list. Do some math, and that equals out to around 25 hours of clicking delete and waiting. Is there any way to delete them all at once?

 

I would be worried that they are banking on most people not being aware of what has happened or not bothering to deal with the menial task of deleting them all and using them as logins to gain administrator privileges on your computer, provided they can compromise your system far enough. But this would be a strange way to do it.

Does there seem to be any legit purpose for this behaviour?

 

Format the computer and install the last backup you had...

You downloaded something very nasty... I would not fool with attempting to fix this...

 

Well, the thread was immediately locked. One scanner picked up some sort of trojan or something.

The creator, who claims he is a beginner programmer, said that there was a mistake in the coding of the program.

His explanation is this..

"I just figured out that the resource error that you receieved wasn't because of a missing resource. All the resources were there, the problem was that the file fcalc.opt was outdated. Also, the files dbase.cps, dlgMain.adb, lnk.dll, fmc.dat1 were corrupted. This was because when writing the files, there was a buffer overload error (arrays overwritten)
And when you started the program, it began to call random and nonexistent system functions, which was for the most part, why everything went bad"

So this is either a kid trying to make a program to help people playing the game, and he truly messed up.

Or it's someone who knows what they are doing, and the statement above is just a bunch of techno-babble designed to trick poor saps like me into thinking it was an honest mistake.

Either way, there are a ton of usernames that I want to delete in some sort of timely manner, and I'm hoping someone can point me in the right direction.

 

Try "User account manager"
http://www.majorgeeks.com/User_Account_Manager_d2514.html

Go there:
Settings --> Group functions --> Delete multiple users

Edit: oh small problem....it's not freeware

 

I would have to agree, who knows what else the program has done to your PC. You can never be too cautious

 

i agree. format reinstall your computer

 

Could you post a screenshot?

 

AKAJohnDoe - I, too, would find it amusing.

 

I'm not sure if a format would be possible. I don't have any saved backups (I had system restore turned off), and don't back my stuff up onto an external hard drive or anything. I don't have the install CD's or anything to do all that.

Here is the picture when I access the User Accounts option in the control panel.


Here is the picture when I access administrative tools.


I don't have a picture of the login screen, as my computer is almost always either on or in standby. And I fear having to find my real account in a sea of 9,000 usernames.

 

Ewwwww!

I would probably reformat and reinstall, too.

Without any backups of your data, you could try deleting all those accounts, running a few antispyware detectors, and perhaps even a registry cleaner.

 

That's funny as hell. I had no idea that many User accounts could even be created.

But anyways, it's a good idea to take previous posters advice and just do a Format/Clean Install. That must have created over 9000 extra folders and files under the users folders. And maybe even copied other files 9000 times like sample pics, etc:

How differ is your HD space?

 

Sorry to sound like a jerk, but that is funny!

 

Vegita, what does the scouter say about his power level?!

...It's over nine thousand!!

WHAT NINE THOUSAND?! THERE'S NO WAY THAT CAN BE RIGHT!!


Sorry, but I can't believe nobody noticed this.

 

tears for fears. love them.

 

Haha yeaa, it is kind of funny. Such a random effect for a program to have, but I still need to fix it somehow. I'm now afraid that If I log off, I either won't be able to log onto my main account (it doesn't even show up on the control panel list anymore), or I'd have to sort through 9,000 usernames. Can anyone help me to prepare for what would happen if I had to restart my computer? Can I make it so it automatically loads my real account instead of giving a list?

So how do I do a format/clean reinstall? I've got a disc that says "Operating System", and a CD marked "Drivers and Utilities". Is there a guide on how to do this? Is there any way I can save the thousands of songs and other documents and stuff and reinstall the rest?

 

vista makes shadow copies, it is usually used for individual files or folders, but I would just take your c drive, right click it and click restore previous versions..and roll back to the proper date...this way you dont have to do any restoring

 

Damn that sucks and is funny at the same time. Why on earth did you disable system restore? Were you running out of hdd space? Buy an external hdd and save your data. Then do a reinstall with those two cds. Unless doing what eyecon82 said works that is.

 

first off how much data do you have that you need saved. if its not over 500 gigs you can buy an external hard drive thats not to expensive and just start transferring data to it then format then transfer the data back. if you can't get a external hd do you have a dvd drive? you can burn dvd's of all your music and valuable data. once everything is saved just format with that operating system disk then bring your data back. i would defiantly recommend reformatting you have no idea hat that program did, identity theft may even occur.

 

I like how each account has a different profile picture. j/k

You can set up automatic login this way.

 

I turned off system restore, and right clicking doesnt show the option "restore previous versions"

The guide here for enhancing performance recommended it.

I guess I'll start looking into an external hard drive. I've only got like 20 gb of stuff I'd want to save.

I'd probably be more interested in fixing this if there was a security risk, but I don't have any secret stuff on my computer, and rarely use any banking or anything. There are still no negative consequences from this, so I can't really justify going out and spending money on something that isn't really a problem.... yet.

 

This might help

This code will delete every account whose name is a number.
So copy the code into Notepad and save it as "user.vbs" under C:\
From an administrator account, bring up the Command Prompt and put "cscript c:\user.vbs" and let it rip.
I guess there is some risk but I tested it and works for me.

 

jimc, you are my hero. You have saved me the trouble of buying an external hard drive, dealing with all this reformat crap, or sitting here and deleting them all by hand.

For some reason, it only deletes about a thousand at a time. I just run it, come back, the box is closed, and a thousand usernames are gone. So a few more times and it should be fixed.

Thanks!

 

You are living on borrowed time. What else did this piece of software do to your system? If it was adding all these user ID's then clearly it was up to no good. By eliminating the accounts you have treated the symptoms but totally ignored the disease.

By no means should you consider your sytem fixed. All you can be sure of is that the user id's are gone.

If I were in your shoes, I would take the advice of the several people who have told you that you should re-format your drive asap.

Gary

 

Well said ........

Even if nothing else happened, I would still feel uncomfortable unless I know this Virus, Malware or Bug is out my system.

 

And never enter a credit card number on that machine again.

At least not until you reformat.

 

I don't know, are you sure I should be so freaked out? It seems that there is nothing else wrong with my computer, and numerous spyware/virus scans have turned up nothing. The original poster (who was immediately banned from the forum) created another post, apologizing for the lack of foresight and the large mistake in the programming.

My question is even though there are now zero visible consequences to the program I downloaded (which may or may not have been purposefully harmful), why should I go to the trouble of reformatting?

For anyone who is recommending a reformat, what other options would you do before a reformat? What else can I do to ensure my computer is safe?

It's just that right now, I can't justify spending the money on a hard drive to save all my stuff, and dealing with all this reformatting business when I don't see a reason to do so.

 

just do the reformat...those malware detectors don't always detect everything, in fact, there is a format in java that is undetectable...with all the posting on this thread...you honestly could have reformatted (takes around 30 mins) and reinstalled all your programs again

 

Okay. Maybe I'm just not too experienced. I thought a reformat would take out everything, and the only way I could save my vital files (music, documents, pictures, save-games etc.) could only be saved by purchasing an external hard drive, something that I don't really need, and would cost a lot of money (I'm just an average college student).

Is there a guide to reformatting? Is there some way I can protect everything without spending money on a piece of hardware I don't need?

 

do you have a dvd burner? a few flash drives you can borrow from classmates? there are many options here

 

Sorry, I would still not trust this machine. Period. It could very well have installed a rootkit. And I do not buy, for a single second, the "mistake" the programmer made. What was he doing that would cause the machine to create ONE user account, let alone 9000? No, he got caught out because he screwed up and the machine created more accounts than he wanted. He wanted to create one so he could take over the machine. He was on a mission here, plain and simple.

Your machine has been compromised. If you want to remain in denial, fine. But you have been told by MANY folkes here that until you reformat the machine, it cannot be trusted. If this machine were on any domain I managed it would be banned immediately.

If this machine has a DVD or CD burner buy a stack of disks and get busy backing up your documents. However to be perfectly honest your document files are now suspect as well. Or borrow a hard drive from a friend. Then run multiple virus scanners on the backed up documents. Don't trust just one. And have it scan EVERYTHING on the backup CD's.

Just stop justifying to your self that the machine is ok now. It isn't. You can't trust it.

Gary

 

Ok. I think its pretty clear that I should reformat, so I will probably figure that out pretty soon.

I was wondering, what is the absolute worst case scenario here? I keep no private information on my computer, nor do I access anything private.

 

A severe performance hit, in a bad way. Not to mention it might delete your files anyways.

 

also not forgetting it could essentially be a carrier and potentially spread the problem to other people machines. Which is something a lot of people who don't believe in AV or Firewalls etc seem to forget! (one of my friends being a case in point)

 

i think the verdict is in

 

It's really up to you and what level of risk you're willing to live with. If all you do is play games on it and surf the web, but you don't ever buy things online with it or use online banking, etc... it might be fine to just delete the "extra" user accounts. You could wake up one day and find your system inoperable and you'd lose all those mp3s and other files. It's your computer and data, you make the choice.

 

The WORST case is that this machine has become a "zombie" controlled by a master as part of an army of machines (a botnet) who carry out the bidding of the master machine. It may become part of a coordinated denial of service attack, a spam factory or any number of other potentially harmful things. So in reality it's not just a matter of the risk the owner is willing to live with, but also a matter of the risk he is putting OTHER folks at as well. If it were only HIS risk, I and others would not be stressing this so much. But because there is potential harm extending WAY beyond his own machine, the RIGHT thing to do is get this machine under control.

Botnet info from Wikipedia

Gary

 

Exactly, the virus creator could pull a scam off his machine, and since it will be his IP which will be logged, he'll get in trouble! I would have formatted my drive twice, and erased it with Eraser with at least 40 passes by now if it were me.

But then again, the last time a virus tried to enter my computer was way back when NOD32 was a baby, and it still knocked it out as soon as it showed up from my CD (I burnt it on someone else's PC).

 

Instead of burning your files to DVD, you could also create a second partition on your hard drive, and copy your vital files over there (this will save alot of time, depending on how many DVD's you'd have to burn). Then just format the partition your OS is on, and re-install the OS to that partition.