executables running in C:\windows\temp

I just upgraded my SBS 2008 server to Email and Server Security 10.01. In looking through the settings, I noticed in Monitored Programs that there are several executables with what look like random names running from the C:\windows\temp folder. They reside in subfolders such as ihtemp and inve90_tmp. What concerns me is that the subfolders are not visible in Windows Explorer even when allowing it to view hidden and system folders. I'm assuming these are legit since F-Secure has scanned them, but I am understandably leery. Anyone seen something like this?

Comments

  • OGIamOGIam Posts: 5

    Okay, maybe I'm misunderstanding the monitored program display. Since it seems to update frequently, I assumed it was displaying active programs. Is it really just displaying programs that it has seen run at one time or another?

  • FendyFendy Posts: 67

    Hi OGIam,

     

    How about if you uncheck "Hide protected operating system files" in the folder options? Alternatively, you can try to use DOS command:
    http://www.itechtics.com/unhide-files-and-folders-by-single-dos-command/

     

    Anyway, as long as F-Secure does not detect them as malicious, they can be considered safe.

     

    ---
    Best regards,
    Fendy

     

    Has somebody helped you? Say thanks by giving kudos. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.

    SEE
This discussion has been closed.