R
Robert Paris
What is NTMSDATA? Should I have NTMSDATA and NTMSDATA.BAK or does it mean
I've been hacked/hijacked?
I've been hacked/hijacked?
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
S
Steven L Umbach
According to the KB link below these files are used by the W2K operating system for
backup to media.
http://support.microsoft.com/default.aspx?scid=kb;EN-US;235032
When I am curious about a file I search Google for it and am usually able to find out
information and rely on my Antivirus program and Spyware program to detect malicious
files. Of course a legitimate file can be replaced by a virus. System File Checker
will check your system files for correct version if you run sfc /scannow. However you
need to be aware that if you are using a service pack prior to SP4 you run the risk
of having hotfix files replaced if you do such. --- Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;222471
http://support.microsoft.com/default.aspx?scid=kb;en-us;814510
backup to media.
http://support.microsoft.com/default.aspx?scid=kb;EN-US;235032
When I am curious about a file I search Google for it and am usually able to find out
information and rely on my Antivirus program and Spyware program to detect malicious
files. Of course a legitimate file can be replaced by a virus. System File Checker
will check your system files for correct version if you run sfc /scannow. However you
need to be aware that if you are using a service pack prior to SP4 you run the risk
of having hotfix files replaced if you do such. --- Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;222471
http://support.microsoft.com/default.aspx?scid=kb;en-us;814510
R
Robert Paris
Thanks for the reply.
I also googled and found the spyware link, which is why I was worried (but I
don't know who put that site together). I checked out the link you sent but
it still doesn't really explain NTMSDATA nor NTMSDATA.BAK and what the
expected use, existence and modification frequencies should be. For example,
if I never backed up anything, would they still have been accessed/modified?
Is it normal for NTMSDATA.BAK to exist?
I also googled and found the spyware link, which is why I was worried (but I
don't know who put that site together). I checked out the link you sent but
it still doesn't really explain NTMSDATA nor NTMSDATA.BAK and what the
expected use, existence and modification frequencies should be. For example,
if I never backed up anything, would they still have been accessed/modified?
Is it normal for NTMSDATA.BAK to exist?
S
Steven L Umbach
It does not exist on my computer, but every configuration can be different. You could
try to rename those files and if it does not affect your computers operation after a
few days of use and does not create any errors/warnings in Event Viewer go ahead and
delete them or leave them renamed. Also try running both AdAware and SpyBot Search
and Destroy being sure to update their definitions before scanning. AdAware updates
it's definition files at least a couple of times a week. You could also use Autoruns
and Process Explorer from Sysinternals to see if those files are being used by any
process. --- Steve
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml
try to rename those files and if it does not affect your computers operation after a
few days of use and does not create any errors/warnings in Event Viewer go ahead and
delete them or leave them renamed. Also try running both AdAware and SpyBot Search
and Destroy being sure to update their definitions before scanning. AdAware updates
it's definition files at least a couple of times a week. You could also use Autoruns
and Process Explorer from Sysinternals to see if those files are being used by any
process. --- Steve
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml