Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Something Is Running And Keeps Writing A "bot.log" File


  • Please log in to reply
1 reply to this topic

#1 2000cam

2000cam

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:11 AM

Posted 25 May 2006 - 04:15 PM

Freaky!

I got hit hard with a million trojans. I was stupid and put some unknown program and ran it. My virus software caught some and the spyware checker some others. I even went through some serious cleaning with hijackthis and such.

It seems to be very clean according to many virus checkers now.

Only problem, two files keep showing up in the root:

bot.log
ShellExtensionLog.txt

The bot log looks like it is doing some bad things and I know it came from some nasty crack software. Here is what is in the bot.log file:

25.5/13.47:42 HttpDownload /search?hl=en&q=disk+soft
25.5/13.47:42 HttpDownload /faq/faq14.html
25.5/13.47:46 Wait end
25.5/13.47:46 Send first request
25.5/13.47:47 HttpDownload /search?hl=en&q=laser
25.5/13.47:47 HttpDownload /
25.5/13.47:47 Waiting
25.5/13.57:49 HttpDownload /search?hl=en&q=processor+download+free
25.5/13.57:50 HttpDownload /download.html
25.5/13.57:51 Wait end
25.5/13.57:51 Send first request
25.5/13.57:51 HttpDownload /search?hl=en&q=processor+enter+laser
25.5/13.57:51 HttpDownload /listproducts.asp?catid=4264&store=
25.5/13.57:54 Waiting
25.5/14.7:55 HttpDownload /search?hl=en&q=processor+love+games
25.5/14.7:55 HttpDownload /PlayStation+3+chip+on+track/2100-1006_3-5469124.html
25.5/14.7:57 Wait end
25.5/14.7:57 Send first request
25.5/14.7:57 HttpDownload /search?hl=en&q=politic+download
25.5/14.7:57 HttpDownload /search?q=cache:Tp4RPIFQt0wJ:www.isna.ir/Main/NewsView.aspx%3FID%3DNews-718976%26Lang%3DE+politic+download&hl=en&gl=us&ct=clnk&cd=10
25.5/14.7:59 HttpDownload /search?hl=en&q=disk
25.5/14.7:59 HttpDownload /
25.5/14.8:0 Waiting


I can't find anything on this file or seeming symptoms. I keep deleting them and they come right back. I don't know how to figure out what program is writing them.

Any help?

:thumbsup:

~* Post moved to a more suitable forum*~ rigel

Edited by rigel, 25 May 2006 - 07:45 PM.


BC AdBot (Login to Remove)

 


#2 rigel

rigel

    FD-BC


  • Members
  • 12,944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina - USA
  • Local time:05:11 AM

Posted 25 May 2006 - 07:48 PM

Hi 2000cam,

It sounds like you still have malware lurking on your computer. Please follow the instructions found in this post : Start Here. It is a step by step malware removal process.

I hope this helps.

rigel

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it. Will Smith





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users