Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Strange ISA Log. Is it spyware?

Status
Not open for further replies.
davidchardonnet

davidchardonnet

Programmer
Mar 21, 2001
167
FR
#Fields: c-ip cs-username c-agent sc-authenticated date time s-svcname s-computername cs-referred r-host r-ip r-port time-taken cs-bytes sc-bytes cs-protocol cs-transport s-operation cs-uri s-object-source sc-status s-cache-info sessionid connectionid
10.0.2.126 username scpozoyj.exe:3:5.0 Y 2004-09-13 08:54:56 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 153 0
10.0.2.126 username sbnncexn.exe:3:5.0 Y 2004-09-13 08:54:56 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 154 0
10.0.2.126 username yqewwkmt.exe:3:5.0 Y 2004-09-13 08:54:57 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 155 0
10.0.2.126 username adpxtxvm.exe:3:5.0 Y 2004-09-13 08:54:57 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 156 0
10.0.2.126 username hbztqwdq.exe:3:5.0 Y 2004-09-13 08:54:57 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 157 0
10.0.2.126 username xhayqqlp.exe:3:5.0 Y 2004-09-13 08:54:58 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 158 0
10.0.2.126 username zpuiltyp.exe:3:5.0 Y 2004-09-13 08:54:58 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 159 0
10.0.2.126 username uhoojtjb.exe:3:5.0 Y 2004-09-13 08:54:58 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 160 0
10.0.2.126 username swdxtyrk.exe:3:5.0 Y 2004-09-13 08:54:59 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 161 0
10.0.2.126 username xicdlzra.exe:3:5.0 Y 2004-09-13 08:54:59 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 162 0
10.0.2.126 username gkdctatm.exe:3:5.0 Y 2004-09-13 08:54:59 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 163 0
10.0.2.126 username jktgrwac.exe:3:5.0 Y 2004-09-13 08:55:00 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 164 0
10.0.2.126 username vhtqsier.exe:3:5.0 Y 2004-09-13 08:55:00 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 165 0
10.0.2.126 username odylwpdg.exe:3:5.0 Y 2004-09-13 08:55:00 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 166 0
10.0.2.126 username hagwfeqe.exe:3:5.0 Y 2004-09-13 08:55:01 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 167 0
10.0.2.126 username qxnnccrs.exe:3:5.0 Y 2004-09-13 08:55:01 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 168 0
10.0.2.126 username bkavilfy.exe:3:5.0 Y 2004-09-13 08:55:01 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 169 0
10.0.2.126 username nlvdevzg.exe:3:5.0 Y 2004-09-13 08:55:01 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 170 0
10.0.2.126 username baldlsah.exe:3:5.0 Y 2004-09-13 08:55:02 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 171 0
10.0.2.126 username ghkbcrbr.exe:3:5.0 Y 2004-09-13 08:55:02 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 172 0
10.0.2.126 username pbvqclhl.exe:3:5.0 Y 2004-09-13 08:55:02 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 173 0
10.0.2.126 username qcwvfdcp.exe:3:5.0 Y 2004-09-13 08:55:03 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 174 0
10.0.2.126 username eaumchrk.exe:3:5.0 Y 2004-09-13 08:55:03 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 175 0
10.0.2.126 username pgtonjqu.exe:3:5.0 Y 2004-09-13 08:55:04 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 176 0
10.0.2.126 username pbjvrdrx.exe:3:5.0 Y 2004-09-13 08:55:04 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 177 0
10.0.2.126 username tbvqevur.exe:3:5.0 Y 2004-09-13 08:55:04 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 178 0
10.0.2.126 username yapctims.exe:3:5.0 Y 2004-09-13 08:55:05 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 179 0
10.0.2.126 username gipsfxcw.exe:3:5.0 Y 2004-09-13 08:55:05 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 180 0
10.0.2.126 username zqvfeoti.exe:3:5.0 Y 2004-09-13 08:55:05 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 181 0
10.0.2.126 username qjvplhop.exe:3:5.0 Y 2004-09-13 08:55:05 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 182 0
10.0.2.126 username cmdhfnww.exe:3:5.0 Y 2004-09-13 08:55:06 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 183 0
10.0.2.126 username zjovhmie.exe:3:5.0 Y 2004-09-13 08:55:06 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 184 0
10.0.2.126 username lfshbttq.exe:3:5.0 Y 2004-09-13 08:55:06 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 185 0
10.0.2.126 username zbayljgo.exe:3:5.0 Y 2004-09-13 08:55:07 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 186 0
10.0.2.126 username tmtkbwvk.exe:3:5.0 Y 2004-09-13 08:55:07 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 187 0
10.0.2.126 username cilfdhbx.exe:3:5.0 Y 2004-09-13 08:55:07 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 188 0
10.0.2.126 username gqkcwule.exe:3:5.0 Y 2004-09-13 08:55:08 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 189 0
10.0.2.126 username hzqsannm.exe:3:5.0 Y 2004-09-13 08:55:08 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 190 0
10.0.2.126 username gjjgikpw.exe:3:5.0 Y 2004-09-13 08:55:09 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 191 0
10.0.2.126 username jnqjykdo.exe:3:5.0 Y 2004-09-13 08:55:09 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 192 0
10.0.2.126 username oviczlha.exe:3:5.0 Y 2004-09-13 08:55:09 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 193 0
10.0.2.126 username yuencwhg.exe:3:5.0 Y 2004-09-13 08:55:10 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 194 0
10.0.2.126 username genrnkxf.exe:3:5.0 Y 2004-09-13 08:55:10 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 195 0
10.0.2.126 username rtrphlyw.exe:3:5.0 Y 2004-09-13 08:55:11 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 196 0
10.0.2.126 username rpqwropf.exe:3:5.0 Y 2004-09-13 08:55:11 fwsrv IRIS036 - 216.239.59.99 - - - - - - GHBN - - 0 - 197 0
 
Sort by date Sort by votes
filenames that look like random collections of characters are usually not good files. The 7 to 8 character length seems to be a common one in the trojan/worm department.

Theres one example, I'm sure there are others.


-------------------------------------
It's 10 O'Clock ( somewhere! ).
Are your registry and data backed up?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

2ffat
  • Locked
  • News
Audacity is Spyware?
Replies
2
Views
244
2ffat
2ffat
iambob
  • Locked
  • Question
Avast Anti-Virus is.. a virus?! 3
Replies
5
Views
303
Oorde
Oorde
Henry Pence
  • Locked
  • Question
Is Norton Antivirus Necessary?
Replies
2
Views
223
Henry Pence
Henry Pence
Shimmy613
  • Locked
  • Question
Avira Free: "Your computer is not secure! A Service is not working correctly"
Replies
14
Views
504
ChrisHirst
ChrisHirst
DrB0b
  • Locked
  • Question
Crytowall 3.0 and How I dealt with it 2
Replies
7
Views
213
DrB0b
DrB0b

Part and Inventory Search

Sponsor

Back
Top