.dat file


Mike

Can anybody tell me where I can find information on .dat
files for W2K Pro? My son thinks he downloaded a key
logger program and when I checked it out, there was a
strange file in the system32 folder called: rerolpxe.dat
and another called: rerolpxe.le. It happens to spell
explorer backwards. Those 2 files do not appear on my
other computer, same OS. Where can I find information on
these files?
 
There is nothing 'unique' about a .dat extension. By convention, it
normally is used for binary data (e.g. SQL Server uses the .dat extension
for its DBs), but anyone can create a .dat file and store anything that they
want in it.

If you suspect that you have some spyware (and based on your posting I think
you do), I would suggest that you (in this order):
1) Disconnect the machine from the internet. This will help mitigate the
damage, preventing the app from sending data to its host. Download updates,
etc. using a separate machine if at all possible.
2) Update and run the latest Anti-Virus app on your machine. Have it scan
all drives.
3) Download and run Ad-Aware (there are several other equivalent apps, but
Ad-Aware has a free download). It doesn't scan for viruses, it scans for
spyware (which *technically* are not considered a virus) and ad-ware.
http://www.lavasoftusa.com/software/adaware/
4) Once everything is cleaned up, re-attach to the internet and run Windows
Update to make sure you have the latest patches for everything.

If you have firewall software (BlackIce, etc.), I would recommend making
sure it is running.

Depending on how long the spyware has been there and what you use the
machine for (e.g. E-Banking), you may want to contact any institutions that
you may have accessed and check for unauthorized communications.

For more information about computer security, you can follow up at
www.microsoft.com/security.


Pat
 
Thanks, Pat for the help. I did run Ad-Aware in just the
system32 file where the suspected activity was and it
turned up nothing. I did re-name the 2 files and nothing
happened to the system on re-boot. I will try and copy the
files to a floppy and then delete them from the system32
folder and see what happens. It's strange the way those
files come back with the original file extension after I
re-named them.
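
The two observations in this thread (the files are absent from a second machine running the same OS, and the name spells "explorer" backwards) can be turned into a repeatable triage check over directory listings. The Python below is an added example, not part of the original posts; the list of known binary names and both sample listings are constructed assumptions.

```python
from pathlib import PureWindowsPath

# Stems of well-known Windows binaries to test reversed names against.
# Assumed short list for illustration; extend it for real use.
KNOWN_STEMS = {"explorer", "svchost", "winlogon", "services",
               "lsass", "csrss", "smss"}


def stem_of(name):
    """Lower-cased file name without its final extension."""
    return PureWindowsPath(name).stem.lower()


def triage(suspect_listing, baseline_listing, known_stems=KNOWN_STEMS):
    """Flag files worth a closer look.

    suspect_listing / baseline_listing: file names from the same folder
    on the suspect machine and on a known-good machine with the same OS.
    Returns a list of (file name, [reasons]).
    """
    baseline = {n.lower() for n in baseline_listing}  # NTFS names are case-insensitive
    findings = []
    for name in suspect_listing:
        reasons = []
        if name.lower() not in baseline:
            reasons.append("not on baseline machine")
        reversed_stem = stem_of(name)[::-1]
        if reversed_stem in known_stems:
            reasons.append("stem is '%s' reversed" % reversed_stem)
        if reasons:
            findings.append((name, reasons))
    return findings


# Constructed sample listings (not taken from any real machine).
SUSPECT = ["notepad.exe", "kernel32.dll", "rerolpxe.dat", "rerolpxe.le"]
BASELINE = ["NOTEPAD.EXE", "kernel32.dll"]

if __name__ == "__main__":
    for name, reasons in triage(SUSPECT, BASELINE):
        print(name + ": " + "; ".join(reasons))
```

A file flagged for both reasons is a candidate for offline scanning and removal; a file flagged only as missing from the baseline may simply belong to software installed on one machine and not the other.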
 