im not 100% sure this will work, i relayed myself on this article and found this somewhere on the net. Feel free to reply when it works or not works!

User accounts normally appear on your Windows XP welcome screen. Today I'll show you a Windows tweak that lets you hide 'em from view. It only applies to a user account you've already created, so if you want to hide a completely new account, you must also create that account!

You'll need to go into your Registry, so back it up before you start just in case you make a mistake.

Here's how to hide your user account.

1. Click Start, Run, and type "regedit" (without quotes).

2. Go to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\SpecialA ccounts\UserList

3. Modify or create DWORD Value by right-clicking the right side of the screen and adding DWORD Value.

4. Give the value the same name as the account you want to hide. For example, if you want to hide StealthAccount, name the value StealthAccount.

5. Set the Value Data to 0 to hide the account. Value Data: 1 makes the account visible.

6. Exit the Registry and reboot.

Log on

To log on to your hidden account, you need to use the Log On To Windows dialog box by pressing Ctrl + Alt + Delete twice. Make sure you're logged off all accounts. You can't just switch users.

Not completely invisible tho

While your account remains hidden on the welcome screen, other users can still see its profile in C:\Documents and Settings (or wherever user profiles are stored), as well as in Local Users and Groups. So you're not totally in the clear, but you're certainly under the radar!

Yeah, it works for me (WinXP Pro sp1a), anyways I think it's useful only if you want to trick a friend of yours, your brother, your teacher or whoever except a real system admin!

Thanks though

PS: I wonder if it's possible to create an account without the "Documents and Settings/[yourusername]" folder.

SUCCESS ON RELOCATING A USER PROFILE AND LOGGIN IN ON THE RELOCATED PROFILE LOCATION

Well for 2000 I was able to login with my "test" account. I moved the profile from doc and settings to the root of c:\. Then went to registry and changed everything that had "test" ( that was according to accont info of course ) to the new location of c:\ bla\blah ( whatever the reg key was pointing to: c:\docs and sets\test\app data etc...) and it worked. I logged in as administrator and moved the "test" folder from c:\docs and settings\TEST and moved it to c:\. Logged off Administrator and back on a "test". I then looked to see if the "test" account had been re-created in docs and settings. nope. no sign of "test". I have no tested this on XP.

Rich

and how to insert that DWORD from command prompt into registry without any other special tool?

is there any command prompt registry editing tool?

can u just run *.reg file with pipe yes or something like that?

thnx

[EDIT]

just found a method! heres my code:

OH well actually doesnt matter if they can see the folder in documents and settings, you can just make a nice account name no one would even bother to open the folder corresponding to it and check it.

Ummmm, the way i did it was just create the account and remove it from all groups

But i use the for remote file shares ....

I made this nice batch a bit "nicer" i hope you can need these enhancements

well no matter if we hide the account or move it to a different locations as i know do for all users. If the admin has any sence they would check the user in local users. And check to see if new groups had been added.

Rich

i've done that using dll injection method (rootkit-like)

hiding local user account ^^

nice. I would ask how but then I would become a script kiddie..lol

Rich

Psychotec, you can only make a below average user fool by this. Anyway, nice dude...

Manu

well first learn the basis of dll injection and rootkit.
then take a look at the NetUserEnum function:
http://msdn.microsoft.com/library/default....netuserenum.asp
Write MyOwnNetUserEnum or somewhat that do exactly the same job as the official NetUserEnum exept for the name of the account you want to hide.
Put it in a dll, inject it and of course replace the NetUserEnum adress by your own.

sounds like a very good idea you have there!