iis6? Trojan? Internet newbie might need help.

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Rennsport

Thread Starter
Joined
Jan 12, 2003
Messages
3
Wandering around in my Windows directory (OS: XP Home SP1), I came across a log file that appears to refer to something "returned from France". The log file is iis6.log and, as something of a newbie to the internet, I was concerned that some surreptitious communication was being sent from my pc to someone/thing somewhere else (trojan?). I run a reputable firewall and a highly regarded anti-virus program, both of which are kept religiously up to date. The only thing that I can think of is that it might have something to do with Microsoft's IIS "thingie"; could this possibly be the case? If anyone in the forums could put my mind at rest or help me out, I would seriously appreciate it. For reference's sake, I enclose the last entry from the log file. Again, many thanks in advance.


[11/27/2002 0:8:53] LogFile Open. [***** Search on FAIL/MessageBox keywords for failures *****].
[11/27/2002 0:8:53] Initial thread locale=c09
[11/27/2002 0:8:53] returned from France fix with locale c09
[11/27/2002 0:8:53] OC_PREINITIALIZE:[iis] End. Return=1 (OCFLAG_UNICODE)
[11/27/2002 0:8:53] OC_INIT_COMPONENT:[iis,(null)] Start.
[11/27/2002 0:8:53] OC_INIT_COMPONENT:26/11/2002 13:04:55 _____N__ 6.0.2600.1106: 6.0.2600.1106 (xpsp1.020828-1920): x86: C:\WINDOWS\System32\Setup\iis.dll
[11/27/2002 0:8:53] OC_INIT_COMPONENT:Set UnAttendFlag:OFF (File='')
[11/27/2002 0:8:53] OC_INIT_COMPONENT:CmdLine="D:\microsoft\service packs\xpsp1_en_x86\update\update.exe"
[11/27/2002 0:8:53] OC_INIT_COMPONENT:Old InetPub='C:\Inetpub'. Does not exist. we'll use the default. WARNING.
[11/27/2002 0:8:53] OC_INIT_COMPONENT:Old InetPub='C:\Inetpub'. Does not exist. we'll use the default. WARNING.
[11/27/2002 0:9:24] OC_CLEANUP:Final Check:LogFile Close.

PS. I ran a full anti virus scan, nothing. I downloaded the excellent spybot and that gave me a clean bill of health.
 
Joined
Oct 9, 2001
Messages
9,396
welcome to T.S.G. rennsport.
i think this is probably innocuous but its best to be safe.
www.moosoft.com has a very good trojan scanner.......download,update and run the program and set your mind at ease;)
 

Rennsport

Thread Starter
Joined
Jan 12, 2003
Messages
3
Thanks for the quick response, Steve...have been broswing the forum as I was downloading the trojan scanner. Will set it up and run it now. Cheers!
 

Rennsport

Thread Starter
Joined
Jan 12, 2003
Messages
3
Steve, I've run the scanner (nice piece of work, btw) and 59 000 files later I've received the all clear (whew!). The only file that presented a problem to the scanner was C:\pagefile.sys which I assume, given that I disabled my anti virus during the trojan scan, windows "locks" for some reason. I'll keep looking into iis6.log, if only for interest's sake; if I find anything, I'll post to this thread in case some other poor sod like me is confused. At any rate, cheers for the help.
 
Joined
Oct 9, 2001
Messages
9,396
pagefile.sys is the widows pagefile,you will get that message every scan(win2k/xp) there is no problem with that.

good luck mate;)
 
Joined
Apr 2, 2002
Messages
5,935
Rennsport,

If you want to doublecheck your trojan check, take a look at Trojan Remover;http://www.simplysup.com/tremover/details.html

It's free for 30 days and scans the usual places that trojans launch from, or your whole hard drive if you wish. I use The Cleaner in background and TR as a backup. If you decide to try it you must make sure you have read and understood all the instructions because it does alter files.

Alternatively, if you're interested in what your copy of XP may be up to, look here;http://www.hevanet.com/peace/microsoft.htm
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top