questionable files - imsins.log, imsins.bak, iis

G

Guest

I am trying to find out if these files are used by microsoft or the O/S or
whether they represent some type of malware. I find them on all PC's (XP,
2000 srvr, 2003 srvr, etc...)in the windows or winnt folder. they seem to
get modified when windows updates are applied but I am not sure of that. the
content is as follows:

[1/7/2006 03:00:51] LogFile Open.
[1/7/2006 03:00:51] Entering OCEntry; Component = <ims> (0)
[1/7/2006 03:00:51] Function = OC_PREINITIALIZE (0), Param1 = 00000003 (3),
Param2 = 00000000 (00000000)
[1/7/2006 03:00:51] Leaving OCEntry. Return=1

[1/7/2006 03:00:51] Entering OCEntry; Component = <ims> (0)
[1/7/2006 03:00:51] Function = OC_INIT_COMPONENT (1), Param1 = 00000000
(0), Param2 = 00069048 (00069048)
[1/7/2006 03:00:51] No other SMTP servers detected, installing IMS.
[1/7/2006 03:00:51] Leaving OCEntry. Return=0

[1/7/2006 03:00:55] Entering OCEntry; Component = <ims> (0), Subcomponent =
<iis_smtp> (0)
[1/7/2006 03:00:55] Function = OC_QUERY_STATE (12), Param1 = 00000000 (0),
Param2 = 00000000 (00000000)
[1/7/2006 03:00:55] Original state is: DEFAULT
[1/7/2006 03:00:55] Leaving OCEntry. Return=0

[1/7/2006 03:00:55] Entering OCEntry; Component = <ims> (0), Subcomponent =
<iis_smtp> (0)
[1/7/2006 03:00:55] Function = OC_CALC_DISK_SPACE (6), Param1 = 00000001
(1), Param2 = 00AB75E8 (00AB75E8)
[1/7/2006 03:00:55] Leaving OCEntry. Return=0

[1/7/2006 03:00:56] Entering OCEntry; Component = <ims> (0), Subcomponent =
<> (4)
[1/7/2006 03:00:56] Function = OC_CLEANUP (11), Param1 = 00000000 (0),
Param2 = 00000000 (00000000)
[1/7/2006 03:00:56] Leaving OCEntry. Return=0

[1/7/2006 03:00:57] LogFile Close.

I have no indications of problems on any of my systems yet and current
antivirus does not indicate anything, still I would feel better if someone
could tell me what these files are for

thanks,
 
S

Steven L Umbach

Yes those or normal to see as are many log files on XP/2000/2003 computers.
Offhand I don't know exactly what they are used for though you could search
Google to try and find more information or try enabling auditing on that
file and an object access event may show the related processes. --- Steve

http://www.kephyr.com/filedb/index.php?viewtopic=imsins.log --- one
reference to imsins.log
 
G

Guest

thanks - i did research the file on google but found nothing useful. I ran
some more tests & determined that the file definitely updates every time a
windows update is applied.
--
Steve Paul


Steven L Umbach said:
Yes those or normal to see as are many log files on XP/2000/2003 computers.
Offhand I don't know exactly what they are used for though you could search
Google to try and find more information or try enabling auditing on that
file and an object access event may show the related processes. --- Steve

http://www.kephyr.com/filedb/index.php?viewtopic=imsins.log --- one
reference to imsins.log

Steve Paul said:
I am trying to find out if these files are used by microsoft or the O/S or
whether they represent some type of malware. I find them on all PC's (XP,
2000 srvr, 2003 srvr, etc...)in the windows or winnt folder. they seem to
get modified when windows updates are applied but I am not sure of that.
the
content is as follows:

[1/7/2006 03:00:51] LogFile Open.
[1/7/2006 03:00:51] Entering OCEntry; Component = <ims> (0)
[1/7/2006 03:00:51] Function = OC_PREINITIALIZE (0), Param1 = 00000003
(3),
Param2 = 00000000 (00000000)
[1/7/2006 03:00:51] Leaving OCEntry. Return=1

[1/7/2006 03:00:51] Entering OCEntry; Component = <ims> (0)
[1/7/2006 03:00:51] Function = OC_INIT_COMPONENT (1), Param1 = 00000000
(0), Param2 = 00069048 (00069048)
[1/7/2006 03:00:51] No other SMTP servers detected, installing IMS.
[1/7/2006 03:00:51] Leaving OCEntry. Return=0

[1/7/2006 03:00:55] Entering OCEntry; Component = <ims> (0), Subcomponent
=
<iis_smtp> (0)
[1/7/2006 03:00:55] Function = OC_QUERY_STATE (12), Param1 = 00000000 (0),
Param2 = 00000000 (00000000)
[1/7/2006 03:00:55] Original state is: DEFAULT
[1/7/2006 03:00:55] Leaving OCEntry. Return=0

[1/7/2006 03:00:55] Entering OCEntry; Component = <ims> (0), Subcomponent
=
<iis_smtp> (0)
[1/7/2006 03:00:55] Function = OC_CALC_DISK_SPACE (6), Param1 = 00000001
(1), Param2 = 00AB75E8 (00AB75E8)
[1/7/2006 03:00:55] Leaving OCEntry. Return=0

[1/7/2006 03:00:56] Entering OCEntry; Component = <ims> (0), Subcomponent
=
<> (4)
[1/7/2006 03:00:56] Function = OC_CLEANUP (11), Param1 = 00000000 (0),
Param2 = 00000000 (00000000)
[1/7/2006 03:00:56] Leaving OCEntry. Return=0

[1/7/2006 03:00:57] LogFile Close.

I have no indications of problems on any of my systems yet and current
antivirus does not indicate anything, still I would feel better if someone
could tell me what these files are for

thanks,
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

What are these .log files in my Windows folder? (Win XP Pro SP 3) 14
STOP 0XD1 Error on XP SP2 2
Max Min Differnce in a Range 6
BSOD minidump analysis 2
BSOD minidump analysis 5
Explorer errors 6
Vista BSOD and debug 3
Crash dump help! 2

Top