jraun?

Discussion in 'adware, spyware & hijack cleaning' started by meneer, Nov 26, 2003.

Thread Status:
Not open for further replies.
  1. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Found this line in our ISA server log:

    #Fields: c-ip cs-username c-agent sc-authenticated date time s-computername cs-referred r-host r-ip r-port time-taken cs-bytes sc-bytes cs-protocol s-operation cs-uri cs-mime-type s-object-source sc-status rule#1 rule#2

    xxx.xxx.xxx.xxx anonymous IEAcitveX2 N 2003-11-24 20:00:00   YYYYY - - - - - 238 - - GET <hyperlink removed>- - 0 PR001.0 -

    xxx is the local workstation, YYYYY is the internal firewall name (our ISA server).

    Is this IEActiveX2 session a trusted one, what's this jraun business?
    Alas, before I could get a hand on this machine, our helpdesk rolled out a new image, so all sources are gone.
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Hi meneer,

    A bit strange that.
    I sent you a IM.

    Regards,

    Pieter
     
Thread Status:
Not open for further replies.