Anyone out there with a security background able to answer this question: I'm trying to determine when a file was actually created, since the attributes say the year 2024. The system clock has never been wrong on this box, so I cannot see this being the case. Considering what is IN the file, I would say whoever generated these logs used some type of access gained to change the attributes so that it was harder to track back to a time to this particular exploit. -- Ryan Lambert Systems & Network Engineer NetSource 1242 East 49th Street Suite 0503B, Third Floor Cleveland, OH 44114 Ph/Fax: 216-373-2757 http://www.netsourceit.com