You must use a proven security code.... Not use XOR or in-house code for protect things: That is simply worst than put it in clear text (because fel secure and not be, is worse than now is not secure).

You want to read things like

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmod/html/secmod71.asp

And understand the picture.


A BEST APPROACH is NOT use admin account (why you think need that?). Best is create a speciall user and assing it the necesary privilegies. If can rely in the windows security, best.