What are the features of the most hidden system back door?
First of all must be powerful, you can complete control of the system, followed by good concealment. Can evade the virus-killing software's discernment. This back door is there, the answer is yes, in addition to the special virus exists in the system hidden accounts also have this feature.
There are two types of hidden accounts, one is simple to hide, that is, the hidden account cannot be seen at the command prompt Fu Zhengcha, the second is completely hidden, does not appear in the user account in the Control Panel, even if found can not be deleted, only through professional tools to clear. Hidden accounts generally have administrator privileges and can fully control the system. The presence of a hidden account is a possibility that our system was hacked, hackers to facilitate the next landing will do a covert backdoor, which is what we call the hidden account, the second is the use of some unsafe ghost system clone disk, the producers of these discs in order to achieve their goals, in the system to do their hands and feet, A hidden account was established. In any case, the existence of a hidden account in the system is certainly not a good thing.
Let me talk to you now about how to hide an account.
I. Common methods
is to enter the command "NET user" at the command prompt, and the account that exists in the current system is displayed after the carriage return, and then we enter "NET user test$ 123456/add" and the command is completed successfully after the carriage return. This means that an account named "test$" with a password of 123456 has been established.
What did you find again in "net user"? In the results displayed, the "test$" account does not exist, but the input "net user test" test$ account exists. Enter the user account on the control Panel and see the "test$" hidden account.
Well, the problem lies in the "$" symbol on the back door of the account, which is followed by the account name to achieve the hidden effect at the command prompt, which is the simple way to hide the account, but the effect is poor.
Second, special methods
The creation of a fully hidden account requires the use of a third-party tool that I have provided to you, and the hidden accounts created with this tool are not erased by the general method.
Simple hidden Account deletion method is simple, after the user account to find hidden accounts, directly choose to delete, or go to the command prompt to enter the command: NET user hidden account name/del delete users.
It is much more difficult to clear the account if it is completely hidden. Because his concealment is too strong, how to find his existence is a problem, but there are flaws can be seen, that is, the establishment of a completely hidden account will cancel the system's welcome interface, this is to prevent Windows XP users log on when the hidden account.
Well, if we find that the system's welcome interface disappears for no reason, it's going to be more vigilant. Full account cleanup also takes advantage of this "clone account creation/deletion" tool. The tool needs to be run at the command prompt. Enter the directory where the file is located after the command: z.exe-l (letter L) so that you can display all the simple hidden and completely hidden accounts in the system, and then enter Z.exe-u, the tool will prompt you to enter the user name you want to delete, enter the hidden account name and return to be able to completely delete it.