D
david_l
47 writes to ntuser.dat.LOG during 1 minute keylogger test.
I terminated all programs on the taskbar and ran KL-Detector for about
a minute, opening notepad, IE, and calculator, doing a lot of typing on
each, and not saving anything. KL-Detector reported 47 writes to
C:\Documents and Settings\[user]\ntuser.dat.LOG during this time, and
marked it as suspicious. I had to boot up in a special command prompt
mode to open the file, and the file was smal (47 bytes) with nothing
readable in it (I used "edit" to open it).
I searched for info on this file, and apparently it's related to the
registry.
Are this many writes to that file normal? The OS is XP Pro.
I terminated all programs on the taskbar and ran KL-Detector for about
a minute, opening notepad, IE, and calculator, doing a lot of typing on
each, and not saving anything. KL-Detector reported 47 writes to
C:\Documents and Settings\[user]\ntuser.dat.LOG during this time, and
marked it as suspicious. I had to boot up in a special command prompt
mode to open the file, and the file was smal (47 bytes) with nothing
readable in it (I used "edit" to open it).
I searched for info on this file, and apparently it's related to the
registry.
Are this many writes to that file normal? The OS is XP Pro.