I have never heard of it. Can you confirm you are using Windows 2000 R2 SP2? I have never heard of this either.If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer".

What process holds the lock? Regards, Dave Patrick .... Microsoft Certified Professional Microsoft MVP [Windows]

I have never heard of it. Can you confirm you are using Windows 2000 R2 SP2? I have never heard of this either. If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer". I'm so sorry, I've just saw that. My OS is Windows 2003 R3 SP2...:(

What process holds the lock? Regards, Dave Patrick .... Microsoft Certified Professional Microsoft MVP [Windows] Dave, In process explorer, I cannot find it directly. I'm obliged to make a search (ctrl-f) with the word "tempfile" in order to finde the process. The process is always the SYSTEM. if I want to solve my problem (temporarily till next reboot) I have to "close the handle". In addition, when I'm looking for the file in C:\Windows...the file is 0byte size....

Hello everyone, I'd like to know what is the utility of C:\WINDOWS\TempFile file. I have a W2k3 R2 SP2 server and my backup tool (arcserve) sometimes cannot save this file as it is used by another process (an so the save in uncompleted). In order to resolve this "problem" I use process explorer to find the HANDLE and stop it. Once the handle is stopped, I have no more the problem until the next system reboot that the problem reappears. My question in this case is, what is this file? What is the utility for the system and why it is allocated by another process (system)? If as per its name it is a temporary file, why it is not being deleted automatically?Is there any solution for this issue? Thank you in advance ps: I have already placed a filter in arcserve in order to skip saving this file but no improvement. ps2: sorry for my english

Difficult to know without knowing the process name or executable. Regards, Dave Patrick .... Microsoft Certified Professional Microsoft MVP [Windows]

Repost? Ok, I would run a full antivirus scan on the system, then check the file properties and set it to administrators full control over the file so your backup process can grab it.

Hi kouzoulos, I strongly suspect you have a virus. There is not supposed to be any file called TempFile in your Windows directory.If you found this post helpful, please give it a "Helpful" vote. If it answered your question, remember to mark it as an "Answer".

Hi, You may run Process Monitor to monitor what application uses the C:\WINDOWS\TempFile. You may download and install Process Monitor from the following link: Process Monitor v2.95 http://technet.microsoft.com/en-us/sysinternals/bb896645 Regards,Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

You may want to consider backing up your needed files and doing a fresh install. Change up your passwords. Highly advisable if you belive your system has been comprimised. You may want to look at creating a bootable USB stick with a good antivirus program on it, booting from it and perfomring a full low level scan.

You may want to consider backing up your needed files and doing a fresh install. Change up your passwords. Highly advisable if you belive your system has been comprimised. You may want to look at creating a bootable USB stick with a good antivirus program on it, booting from it and perfomring a full low level scan. Hello, It is not so easy to re-install the OS as it is a TS Server with 20-30 users...as per the virus scan...I've already scanned it with MalwareBytes,MRT,the local antivirus (etrust), scan with kaspersy.No virus detected.... Concerning the Backup profile...it is a profile with administrator privileges.

Difficult to know without knowing the process name or executable. Regards, Dave Patrick .... Microsoft Certified Professional Microsoft MVP [Windows] Hello Dave, as I said previously, in process explorer, I see the SYSTEM process...it is always the system...

here a screenshot that I took earlier: http://imageshack.us/photo/my-images/220/tempfile.jpg/

Kouzoulos, It looks like you have an active Trojan, based on what symantic and mcaffee report on TempFile.exe, sure it's running as system, becasue it's activly dug in there like a tick. Take administrative ownership of the file and remove it. I would look into standing up a new term server, install antivirus, then move the users over so you can rebuild the old one.

Kouzoulos, It looks like you have an active Trojan, based on what symantic and mcaffee report on TempFile.exe, sure it's running as system, becasue it's activly dug in there like a tick. Take administrative ownership of the file and remove it. I would look into standing up a new term server, install antivirus, then move the users over so you can rebuild the old one. Hello Jason, thank you for answering. The file disappears once the handle is "killed" till next system reboot...also, the file has no extension. In addition, I left for a while the file on the disk, and some minutes later, the size was at 8.8MB but I couldn't neither open it (if it would be possible) nor to copy it into another folder in order to analyze it.

Going out on a limb here, but your system may be rootkited.. which is not good. I would definitly look at a bootable USB with antivirus and advanced malware anti rootkit scanners on it.

thank you all for your suggestions. Have a great day! kouzoulos