User Profiles won't change

  • Thread starter Thread starter JMF
  • Start date Start date
J

JMF

Hi,
I ran into a problem with 3 computers in the same office,
where everytime the users would log on their personal
settings would have dissappeared, I would have to re-
create their Outlook settings, re-enter their name and
initials in MS Word, I even placed some files on their
desktop and they would dissapear. Their Documents folders
would get erased. I'm trying to find out if there's a
virus that would cause this but I can't find anything.
The office manager is suspecting sabotage, but I can't
prove it. These PC are running with FAT32, I had to set
the users as Local Administrators to over ride this
problem. Anyone can help I would appreciate it.

Thanks
JMF
 
It could be a virus or malicious user on the internal network. I would be more prone
to believe a malicious user if you found no evidence of a virus or worm and used
virus definitions as of today from the publishers website. I would suggest that you
do not use fat32 but instead use NTFS file permissions on your W2K/XP computers. You
can convert existing fat32 installations to ntfs without having to reinstall you
operating systems and applications, though a full backup is recommended just in case.
Then review the security steps at the second link below for small businesses by
Microsoft and be sure to use complex passwords, an account lockout policy, and make
as few users as possible administrators on your computers. --- Steve

http://www.microsoft.com/windows200...techinfo/reskit/en-us/prork/prdf_fls_duyn.asp
http://www.microsoft.com/smallbusiness/gtm/securityguidance/hub.mspx
 
Yes I agree to convert to NTFS, assuming this was a
malicious user, how could he/she do this? There's no file
or registry security settings for them to set. How can
someone setup Win2k to reset the user's local profile to
the default profile?

-----Original Message-----
It could be a virus or malicious user on the internal network. I would be more prone
to believe a malicious user if you found no evidence of a virus or worm and used
virus definitions as of today from the publishers
Click to expand...
website. I would suggest that you
do not use fat32 but instead use NTFS file permissions on your W2K/XP computers. You
can convert existing fat32 installations to ntfs without having to reinstall you
operating systems and applications, though a full backup is recommended just in case.
Then review the security steps at the second link below for small businesses by
Microsoft and be sure to use complex passwords, an
Click to expand...
account lockout policy, and make
 
All someone would have to do is logon as an administrator and delete the user's
profile. Then the next time a user logs on they will have a new profile created
for them based on the default profile. I suggest that you enable auditing of
logon events on those computers which can show what users are logging onto the
computer including via the network and also enable auditing of object access on
those computers and then enable auditing of the two delete permissions only for
this folder and subfolders for the documents and settings folder which should
generate events 560 and 562 in the security log when folders have been
deleted.--- Steve

http://support.microsoft.com/default.aspx?scid=kb;en-us;301640
http://support.microsoft.com/default.aspx?scid=KB;en-us;q248260
 
Back
Top