Hi guys, one of the pages we host here on our servers had a eBay fishing site planted. I have deleted the html file and changed passwords on the server, run full AV scans, and spy ware scans. Nothing found.

I have IIS Logs and the security log of event viewer was over 60MB, I need help deciphering the security log and try to determine how or if they got in.

What do the standard Event Viewer logs for Security look like? Anyone with experience on this subject? Any information would help me greatly.

This was all brought to my attention on the 23rd, I had several emails and phone calls about the page.

If you had a date of when the site when up it would narrow your search to look at the logs for that date range and MS I think makes them fairly easy to read.