How can I find how it get on server?
Who is Participating?
johnb6767Connect With a Mentor Commented:
Rt click it>Properties... Any MFGR information?

Whats the Date Modified on it?
Davis McCarnConnect With a Mentor OwnerCommented:
Unfortunately; anytime a zipped file is unzipped, the creation and modified dates will be those that are contained in the zipped file which has driven me nuts for years as it makes hunting down bad guys a lot harder.
The file is Folder Password Protect which is highly suspicious: http://www.freefixer.com/library/file/57276/
It is also quite old.
I would inspect the active user listing (especially before or after work hours) kick off the suspicious user and change their password, then start looking for Rootkits.
What version of server is it?  AD or Workgroup?
gaby_djAuthor Commented:
Windows 2003 AD
No users before or after hours, users (RDP) are very limited rights, but on the network there is an Spector360 monitoring software.
Can be a "connection" between fppsys and Spector360 processes?
Davis McCarnOwnerCommented:
It doesn't seem like it; but, you should check their knowledgebase and call if necessary ( I can't without a serial number): http://www.spectorsoft.com/support/LogIn.asp?TheProduct=7&fn=4
gaby_djAuthor Commented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.