Multiple Programs – NTUSER.DAT.LOG and NTUSER.EXE

If you run WinPatrol 10.x or later, a file called ntuser.dat.log will appear in your hidden files list. This is normal and the file is safe to have around. This file stores backup data. If your NT User profile (ntuser.dat) file is corrupted, the information in this log file can repalce it.

Ntuser.exe will appear in your Windows\System\Driver folder. It installs as part of Symantec's NTSEC tools designed to automate changes to security settings. These tools can be used to customize security settings on multiple Windows NT/2000/XP systems, to manipulate NTFS file permissions with a comprehensive set of command line programs, and to change Registry, Share, User, and Group settings. This product, originally from Pedestal Software is not owned by Symantec. More information can be found at http://www.symantec.com/business/support/support_policies.jsp.

Many users report having this file use all available memory and resources. The file may run as a service and may be described as NTBOOTMGR - unknown owner. If you didn't intentionally install this file, it may have been installed by a remote user trying to acess your system. We'd recommend removing it using WinPatrol. First, kill the file under Active Tasks then remove it under Startup Programs. Please note that a file called ntuser.dat is a valid and unrelated Windows NT/2000/XP file.

Safe if intentionally installed

Symantec