HEllo --
just recently we've noticed that all machines on our NT4 workstation network (running off of a Novell 4.11 file and print server) have their C: and D: shared. When you log into any workstation as local Administrator, view a local drive's sharing properties, you see that the shared name is C$ and the comment is "Default share". If you click on "permissions" you get the following pop-up error: "This has been shared for administrative purposes. The permissions cannot be set." You can remove this share but it just re-appears after a reboot.
We noticed these local shares after one of our new IT staff installed a shareware program that allows one Administrative access to any NT machine on the network to change user settings, registry entries, etc (i cannot think of the name of this at the moment). This software was not approved and installed without management's knowledge.
However, removal of this "network management" software did not remove the local shares.
I'm in another regional office of ours with a similar technical setup and am now noticing the same thing. Except in this office, the IT officer/web designer has a PC full of shareware and some hideous trojan viruses! I'm wondering if these new C and D shares are also a symptom of a virus? Has anyone seen anything like this before?
..... ka
just recently we've noticed that all machines on our NT4 workstation network (running off of a Novell 4.11 file and print server) have their C: and D: shared. When you log into any workstation as local Administrator, view a local drive's sharing properties, you see that the shared name is C$ and the comment is "Default share". If you click on "permissions" you get the following pop-up error: "This has been shared for administrative purposes. The permissions cannot be set." You can remove this share but it just re-appears after a reboot.
We noticed these local shares after one of our new IT staff installed a shareware program that allows one Administrative access to any NT machine on the network to change user settings, registry entries, etc (i cannot think of the name of this at the moment). This software was not approved and installed without management's knowledge.
However, removal of this "network management" software did not remove the local shares.
I'm in another regional office of ours with a similar technical setup and am now noticing the same thing. Except in this office, the IT officer/web designer has a PC full of shareware and some hideous trojan viruses! I'm wondering if these new C and D shares are also a symptom of a virus? Has anyone seen anything like this before?
..... ka
:O> anongod@hotmail.com