Suspicious file on Desktop

[Patrick Fish <patrick () pwhsnet com>]

Hi,

I've been trying to figure out why there is a "Startup.log" file on my
desktop. I've searched mail archives and google, but didn't find anything
about this. The file contains:

(Last octet of IP removed)
CONNECTION: [01/26/03 21:50 UTC] 62.163.176.xx
CONNECTION: [01/26/03 21:56 UTC] 67.192.41.xxx
CONNECTION: [01/26/03 22:01 UTC] 67.192.41.xxx
CONNECTION: [02/06/03 08:46 UTC] 65.65.81.xxx
CONNECTION: [02/06/03 08:46 UTC] 65.65.81.xxx
CONNECTION: [02/06/03 08:49 UTC] 80.194.40.xxx
CONNECTION: [02/06/03 09:06 UTC] 144.134.163.xx
CONNECTION: [02/06/03 09:11 UTC] 216.249.81.xx
CONNECTION: [02/06/03 09:46 UTC] 136.165.87.xxx
CONNECTION: [02/06/03 09:47 UTC] 211.28.63.xxx


After resolving a few of them, these are all people I know pretty well on
IRC. I can't figure out what's causing this - I don't use a mIRC script, I
don't have a firewall (XP firewall is disabled) -- I do have Norton 2003
Pro. I'm using Windows XP Pro on Service Pack 1a, but the file was created
before I installed SP1a

I've checked my process list, and there's nothing running that shouldn't be.

Has anything seen something similar or know what's causing this?


Thanks.


--
Patrick Fish



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com