I recently helped a friend install a new printer, a HP1315 all-in-one unit. Installation went smoothly, printer works OK, but today she called me and said that the XP system now shows an account sign-on screen when it boots, and there are now three user accounts. The first two are legitimate, but a new one was created named ASP.NET, with limited rights.
Googling on ASP.NET brings up only a Microsoft doc page but I don’t see a reference to a user account name, just some programming notes.
It’s possible that the printer installation had nothing to do with the sudden account creation. We’re running AdAware and Spybot scans right now and the system has an enabled and current anti-virus program.
Anybody know anything about this situation? My inclination is to delete the unwanted account, but…?
Somewhere along the way, the .Net framework must have got installed.
The ASP.NET user is the user that the web server uses when someone browses to a site hosted on that machine.
I don’t know if it has other uses or not, so I can’t say if you can safely delete it. BUT, it’s not harmful in that it was installed by Windows. Well, it’s not any more harmful than anything ELSE installed by Microsoft, but that’s another thread.
Correction: There are now TWO user accounts on the suspect machine, not three. One is the original user, the other is ASP.NET. The multiple accounts probably caused the account-selection screen to be activated at boot time.
Amplification: She upgraded the XP system with SP2 about the same time as the printer was installed, and it seems more likely that SP2 added the account than the HP software. But she upgraded another PC at the same time with SP2 and did not get additional accounts created.
Didn’t know about that account… interesting. One security method used by *nix systems for ages is to create an account with only what a service will need, then move that service to that user account after starting it. It’ll prevent some nastyness if the service ends up being compromised - looks like MS is going that route.
Anyhow. There’s probably a more “correct” way to fix it, but I’d try tweakUI, as it has the ability to prevent accounts from being shown on the logon screen.
I note however that when I run it on this machine, it’s set to show the ASP.NET account, even though it doesn’t show up, which would seem to mean that there are at least 2 different methods to prevent accounts from showing up there.
Having an ASP.NET account installed by Windows is totally normal. Relax. Do NOT delete it.
It’s part of a new Windows facility called .NET (pronounced “dotnet”) that’s slowly making its way from the corporate & server world onto the home-user desktop. It’s a very low-authorization account that is used to run some programs & features that you may get via your browser, essentially the next generation of “plug-ins”.
That’s a major security enhancement over the current situation, where ActiveX plugins run under the account of the logged on user, which in most home installations is an administrator with unlimited rights to do harm.
FYI, there are another 3 accounts in every Windows system that you never see listed, so don’t get all bent out of shape about this one not appearing in a listing someplace.
If for some reason a webserver ever gets installed on that machine, you can expect several more accounts to suddenly appear.
Thanks for the replies, guys. She’s not so much concerned about the extra user showing up on the signon screen, as she found a way to set up the default user and bypass that, but my philosophy is to run lean & mean, and I wouldn’t want to have more baggage on the system than is absolutely necessary.
So what advantages does having this user installed give us? Or what drawbacks are there to deleting it?
On preview, I see LSLGuy partly answered that question, but it seems like just another way of giving easy access to the baddies. If it were my system, I would delete it in a flash, but my friend may decide to keep it for now.