Hi,
got a bit of a curly question, might fall under computer forensics.
I do IT for a small primary school. I am running several PCs which boot up and automatically load an application selection screen where the student can choose which application they would like.
Somewhere along the line the administrator password for windows XP on one of the computers has been changed from what I set to ‘123’. As crazy as this sounds could this have been done by the system?? or has it been done by a clever child who has found a way around the restrictions I have on the computer?? If so is there a log file or something that I could look at to find some trace of when it was done??
