Security Basics mailing list archives

unknown user on home computer


From: Margaret Wolfe-Roberts <margaret_wolfe () mindspring com>
Date: Sat, 1 Mar 2008 10:18:02 -0500 (GMT-05:00)

Hello,

I am a home user with one laptop and one desktop and I’m hoping you can help me with a security concern.   Recently I 
installed a router in order to share the Internet connection.   In the process of learning to enable File Sharing I 
clicked on some stuff and the desktop generated a list of users that includes a username I have never seen before, a 
strange one called “ratnkwCNHERF”.   When I did a whole-computer search to find out more, the search generated a list 
of three files where the same term is used, all in the C://SWSHARE folder.   

I checked the three files: egathcmp.xml, egath.xml and eGathComp.html (Firefox doc).   They seem to be reviews of the 
overall system.   It's possible I have utilized some online program to gather information on my system which created 
those files.  
The html file is entitled Gathered Information for [computer name] and includes this information about users: 

Workstation Security
• User Accounts

User ID/Name/Password Set/Password age in days/Privilege Level/Disabled/Password Not Required/Cannot Change Password/Locked Out/Password Never Expires/Password Expired

2700                        true  97   Administrator  false  true   false  false  true   false
Administrator               true  480  Administrator  true   false  false  false  true   false
David         David         true  0    User           false  false  false  false  true   false
Guest                       true  0    Guest          false  true   true   false  true   false
od2700        Margaret      true  97   User           false  true   false  false  true   false
ratnkwCNHERF  ratnkwCNHERF  true  55   Administrator  false  false  false  false  false  true

Here I find out that the “rat” user has Administrator privileges and appears to have had a password created AFTER I set 
passwords for myself and the administrator account as I know it – the “2700” account (password age 55 days vs 97 days).  
I purchased the computer last October from Office Depot.   However, the table also indicates the “rat” user’s password 
is expired, though the account is not disabled.  

I also notice that there is an extra Administrator account (now disabled) listed separately from the account I know as 
administrator (2700) which appears to long predate my purchase of the computer (password age 480 days).  

Is there some benign explanation for this mysterious user (who still shows up as an option for sharing my files with) 
or have I uncovered evidence of some kind of security breach of my computer?  How and for what purpose would this extra 
user account have been created, and without my knowledge?  

I will be truly grateful for any insight you can share with me.  

Margaret Wolfe-Roberts
