A new user account !!
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: A new user account !!

  1. #1
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696

    A new user account !!

    I have just found a new account on my home computer called, ASP.NET.machine A it was a password protected administrator account!!

    My wifes account which was a Limited user account with no password has changed to an Administrator account with no password.

    I have now deleted the ASP.net account and changed my wifes account to limited and made her put a password on it.

    Does anyone have any idea how a new adim account can just appear?
    Do I have to do anything else except delete this account?

    Could any software have created this account, or has someone remotley created it?

    I am running WIN XP Pro.

    TIA!!
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  2. #2
    Junior Member
    Join Date
    Nov 2002
    Posts
    18
    I looked for and found the answer. It is not a trojan created item. It is created by one of the dot.NET installations.
    It seems that various facilities will create accounts for their own use and management of data to keep it separate from the other accounts.

    I found more info at various places including:

    http://www.mvps.org/marksxp/windowsxp/aspdot.htm

    Hope i get some greenies for this! =)
    [gloworange]Thor ValÝ[/gloworange]
    74 68 65 65 6f 6e

  3. #3
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    Cheers dood!

    This has potential to be used as an entry point to a machine/network i think.

    I wouldnt be suprised if someone has already figured an exploit for it.

    Nice of M$ to tell people they are creating a new user account on their computer, altough nothing they do suprises me anymore.

    Cheers!
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  4. #4
    Senior Member
    Join Date
    Oct 2003
    Posts
    111
    The .NET architecture that M$ implemented is still in its baby-stage...Try and remember that.
    Most of the people using the .NET architecture already know that it will create an administrator account, as it might be needed for some application information storage. Like I always say, better safe than sorry, always read up on updates before you install them.

    Because we all know that M$ likes to..."suggest" things Because after all, M$ knows whats best for us...(zombie)
    Creating further mindless stupidity....through mindless automation.

  5. #5
    Member
    Join Date
    Oct 2003
    Posts
    93
    Let's not forget that IIS also creates new accounts. It seems to be just a development of this idea that the systems need to run stuff in their own accounts, so they can control the permissions issues.

    Of course, they are not Admin accounts. This does seem like a dangerous hole, particularly as experience shows that changing the password breaks stuff. Is this user needed ( I wonder ) on a development environment only, or on a live one too ( where it would seem like a BIG hole ).

    As to why your wife's account was changed at the same time, that is more puzzling. Maybe she is hacking your system

  6. #6
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    LOL wouldnt suprise me!

    Cheers guys/gals!!
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  7. #7
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    Various programs do create new user accounts - these are typically not admin accounts, and are assigned random passwords.

    The purpose of these accounts is to run services under a low-privilege user. It is true that if they knew the password, someone could log in, but that is highly unlikely, as it will be assigned a random long password.

    The ASPNET account should not normally be an administrator - are you sure?

    Perhaps it's different in XP, I've only used it on 2k

    Slarty

  8. #8
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    It was definatly an Admin account, thats why I was a little suspisious and confused about it.

    My line of thinking was that if it was an account made for a sofware app, why would it need an admin account. Thats why it thought that something a bit un-toward was happening.

    As for my wifes account being made in to an admin account I have no idea how or why that happened, she asures me it wasent her.

    I have ran all the obvious checks to see if anything is installed that shouldnt be and they all came up ok.

    I think I will do a fromat/reinstall just to be on the safe side!

    Thaks for all your help!
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  9. #9
    Senior Member
    Join Date
    Dec 2002
    Posts
    180
    Hmm, M$ is always talking about security and low and behold, they are our worst enemy. Read about those updates before downloading them.

    Freddy
    cybnut

  10. #10
    Senior Member
    Join Date
    Aug 2003
    Posts
    185
    hmmm...making asp.net account admin to have more phun playing with the asp files you had not before...
    making your wifes account admin without password to come back if you found the backdoor.
    sounds like you are running more then just one service....
    would you please make a :
    net start
    and a
    netstat -a -n
    and post it here?
    i will help ya.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •