A user (xx) came in to work to find their logon screen displaying another user name (yy) which would indicate that yy had successfully logged on using that desktop. However, neither xx nor yy were present at 11:00pm when the logon took place (as listed in the event viewer log), as the office is closed. The log shows that msinstaller had successfully installed 'webfldrs xp' and the user was yy at that time. All other normal events on that desktop were shown to be either the system, n/a or the correct user for that desktop, xx. Are there other explanations for the windows logon screen to display a different user than the last one to logon successfully? Both users are on the same network. Neither user knows how to use remote access. Can someone else log on remotely as a different user and leave the telltale sign of their user name in the logon window? Should I be looking for spyware or a virus? Thanks for any input.
February 21, 2008 6:48 PM
October 30, 2011 7:58 AM