G
Guest
Guest
Archived from groups: microsoft.public.windowsnt.misc (More info?)
I am running Windows NT Server 4.0, and when I got back to the office today, I found a new folder on the Desktop. In this folder are three files that appear to be functioning as event logs for some application, but don't give any indication as to what application created them.
The folder is named after the localhost IP address (127.0.0.1), so I assume that it has something to do with networking. In the folder are three files: eventnext, statusprev, and statusnext (no file extension on any of them). When opened in notepad, eventnext is empty; statusprev has a number of lines in it; and statusnext currently has two lines in it (though 20 minutes ago it has empty).
Here are sample lines from these files.
statusprev:
2004/03/07 02:27:37 12300 12300 10000 01231 6000 04200
statusnext:
2004/04/12 11:22:53 12100 12100 02173 01265 5973 03800
I tried searching the internet for these, and nothing of use came back (just on document on active server page code). I'm going to set an audit on these files, and see if I can get any more information. Currently, the only users that have permissions on them are the system and the administrators group (both with full permissions) and the file is owned by the administrators group.
Needless to say, having file appear on my computer that I know nothing about is concerning. Has anyone seen these files before who can tell me what application created them?
Ben
I am running Windows NT Server 4.0, and when I got back to the office today, I found a new folder on the Desktop. In this folder are three files that appear to be functioning as event logs for some application, but don't give any indication as to what application created them.
The folder is named after the localhost IP address (127.0.0.1), so I assume that it has something to do with networking. In the folder are three files: eventnext, statusprev, and statusnext (no file extension on any of them). When opened in notepad, eventnext is empty; statusprev has a number of lines in it; and statusnext currently has two lines in it (though 20 minutes ago it has empty).
Here are sample lines from these files.
statusprev:
2004/03/07 02:27:37 12300 12300 10000 01231 6000 04200
statusnext:
2004/04/12 11:22:53 12100 12100 02173 01265 5973 03800
I tried searching the internet for these, and nothing of use came back (just on document on active server page code). I'm going to set an audit on these files, and see if I can get any more information. Currently, the only users that have permissions on them are the system and the administrators group (both with full permissions) and the file is owned by the administrators group.
Needless to say, having file appear on my computer that I know nothing about is concerning. Has anyone seen these files before who can tell me what application created them?
Ben