My questions are;
What creates them? Win 7, Win Updates, Win 7 app installs, ...
How does one know what's in them? It's tough to restore something if you don't know what you're restoring. And how do you restore one of these?
Are there any parameters/settings that control where these backups are created and how long to keep them? I don't see them on my backup drive.
While I can access the C:\Users\Ed folder and delete them directly it appears I will need to use BartPE to delete the other copy.
Why are there two copies of these files?
CODE
Volume in drive C is Windows 7
Volume Serial Number is 1CB7-B854
Directory of C:\Documents and Settings\Ed
10/15/2011 04:30 PM 2,097,152 ntuser.dat
10/15/2011 04:30 PM 262,144 ntuser.dat.LOG1
04/28/2011 07:08 PM 0 ntuser.dat.LOG2
06/08/2011 12:56 AM 65,536 NTUSER.DAT{1a5ec36b-916a-11e0-8394-000c761a52b9}.TM.blf
06/08/2011 12:56 AM 524,288 NTUSER.DAT{1a5ec36b-916a-11e0-8394-000c761a52b9}.TMContainer00000000000000000001.regtrans-ms
06/08/2011 12:56 AM 524,288 NTUSER.DAT{1a5ec36b-916a-11e0-8394-000c761a52b9}.TMContainer00000000000000000002.regtrans-ms
08/19/2011 03:15 PM 65,536 ntuser.dat{5c83cef5-ca6f-11e0-b341-000c761a52b9}.TM.blf
08/19/2011 03:15 PM 524,288 ntuser.dat{5c83cef5-ca6f-11e0-b341-000c761a52b9}.TMContainer00000000000000000001.regtrans-ms
08/19/2011 03:15 PM 524,288 ntuser.dat{5c83cef5-ca6f-11e0-b341-000c761a52b9}.TMContainer00000000000000000002.regtrans-ms
06/08/2011 08:10 PM 65,536 NTUSER.DAT{6a8d6267-920a-11e0-b99a-000c761a52b9}.TM.blf
06/08/2011 08:10 PM 524,288 NTUSER.DAT{6a8d6267-920a-11e0-b99a-000c761a52b9}.TMContainer00000000000000000001.regtrans-ms
06/08/2011 08:10 PM 524,288 NTUSER.DAT{6a8d6267-920a-11e0-b99a-000c761a52b9}.TMContainer00000000000000000002.regtrans-ms
04/28/2011 07:12 PM 65,536 NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
04/28/2011 07:12 PM 524,288 NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
04/28/2011 07:12 PM 524,288 NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
06/19/2011 06:52 AM 65,536 ntuser.dat{72eb024e-99f5-11e0-81cf-000c761a52b9}.TM.blf
06/19/2011 06:52 AM 524,288 ntuser.dat{72eb024e-99f5-11e0-81cf-000c761a52b9}.TMContainer00000000000000000001.regtrans-ms
Volume Serial Number is 1CB7-B854
Directory of C:\Documents and Settings\Ed
10/15/2011 04:30 PM 2,097,152 ntuser.dat
10/15/2011 04:30 PM 262,144 ntuser.dat.LOG1
04/28/2011 07:08 PM 0 ntuser.dat.LOG2
06/08/2011 12:56 AM 65,536 NTUSER.DAT{1a5ec36b-916a-11e0-8394-000c761a52b9}.TM.blf
06/08/2011 12:56 AM 524,288 NTUSER.DAT{1a5ec36b-916a-11e0-8394-000c761a52b9}.TMContainer00000000000000000001.regtrans-ms
06/08/2011 12:56 AM 524,288 NTUSER.DAT{1a5ec36b-916a-11e0-8394-000c761a52b9}.TMContainer00000000000000000002.regtrans-ms
08/19/2011 03:15 PM 65,536 ntuser.dat{5c83cef5-ca6f-11e0-b341-000c761a52b9}.TM.blf
08/19/2011 03:15 PM 524,288 ntuser.dat{5c83cef5-ca6f-11e0-b341-000c761a52b9}.TMContainer00000000000000000001.regtrans-ms
08/19/2011 03:15 PM 524,288 ntuser.dat{5c83cef5-ca6f-11e0-b341-000c761a52b9}.TMContainer00000000000000000002.regtrans-ms
06/08/2011 08:10 PM 65,536 NTUSER.DAT{6a8d6267-920a-11e0-b99a-000c761a52b9}.TM.blf
06/08/2011 08:10 PM 524,288 NTUSER.DAT{6a8d6267-920a-11e0-b99a-000c761a52b9}.TMContainer00000000000000000001.regtrans-ms
06/08/2011 08:10 PM 524,288 NTUSER.DAT{6a8d6267-920a-11e0-b99a-000c761a52b9}.TMContainer00000000000000000002.regtrans-ms
04/28/2011 07:12 PM 65,536 NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
04/28/2011 07:12 PM 524,288 NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
04/28/2011 07:12 PM 524,288 NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
06/19/2011 06:52 AM 65,536 ntuser.dat{72eb024e-99f5-11e0-81cf-000c761a52b9}.TM.blf
06/19/2011 06:52 AM 524,288 ntuser.dat{72eb024e-99f5-11e0-81cf-000c761a52b9}.TMContainer00000000000000000001.regtrans-ms
: