Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

log_recv and log_send


  • Please log in to reply
2 replies to this topic

#1 krneki

krneki

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:57 AM

Posted 01 December 2008 - 05:13 AM

I recently noticed that there are two new files on my primary disk C:\ - log_recv.txt and log_send.txt. The problem is that they are logging every action I do and everything I see on computer. I already deleted them but they were recreated in a few seconds. Few days ago I tested some keyloggers, so I suspect that this is their fault. However, I have no idea how is this possible, because I uninstalled all of them and scanned my system with Avira AntiVir Premium (with highest settings for heuristics) and SUPERAntiSpyware Professional. Avira found nothing, while SUPERAntiSpyware found Rootkit.Cloaked/Service-GEN in C:\windows\system32\drivers\SFFP_NT.SYS , but I'm not sure if it's malware. It's also cloaked, so I have no idea how to access it. I use up-to-date Windows Vista Ultimate SP1.

What should I do? Would you like me to post hijacthis log and combofix log? I'm really out of ideas, so I'm begging you for help :thumbsup:

Regards,
krneki

BC AdBot (Login to Remove)

 


#2 krneki

krneki
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:04:57 AM

Posted 02 December 2008 - 09:59 AM

Anyone?

#3 zentropy

zentropy

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:01:57 AM

Posted 03 March 2009 - 01:20 PM

I know this is an old post but I found it via a google search - I was having the same problem with these two mystery files.

Delete both files and modify the properties of the newly created (auto) files as read-only. Solved the problem for me.

I have no idea what they are - if they're a virus or spyware or something weird in Vista. I came across another forum where someone had these files, noticed they were HUGE and eating up all his disk space (same problem I was having), deleted them and modified the properties to read-only.

---edited to add---
These files appear to be part of Elite Keylogger - so, yeah, definitely spyware.

Edited by zentropy, 03 March 2009 - 02:46 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users