Quoting Corrine Chorney (Microsoft MVP in Computer Security): "
Temp Extracted Executables in Archive Files refers to executables (e.g., .exe, .pdf) that are opened directly from a downloaded .zip, .rar, etc. rather than extracting first. An executable that is opened directly from the "archive" is opened in a temp file".
So that says WHAT they are. As for whether to check that box, CryptoPrevent's author, in the changelog to version 2.5, stated that
he left "
Temp Extracted Executable protection unchecked by default and [furthermore,] implemented a warning when checking this item, as [checking it] can cause issues with some apps/installations."
Personally, I have heeded that advice and left it UNchecked, accepting all the defaults. But others --- perhaps not noticing the author's disclaimer --- HAVE checked it.
Keep in mind that CryptoPrevent only protects against CryptoLocker --- it makes no attempt to protect against other forms of malware. [It might "accidentally" catch other malware, if, like CryptoLocker, they choose to run from one of the "locked"/protected directories.] In contrast, MBAM PRO offers protection against MANY forms of malware. Its creative team focus on the prevalent, more-stubborn, toughest malware, that often can make its way (undetected) passed many/most anti-virus programs. That's its niche. MBAM is not an anti-virus program --- it does not look for typical viruses. Rather, it is specifically written to COMPLEMENT whatever anti-virus program the user prefers.
Just so we understand, the FREE version of MBAM is a complete SCANNER and REMOVER. It is not a trial, its scanner/removal features are not limited. It's a great program for everyone to have, to attempt to repair a bad situation after the infection has set in.
The "limitation" in the free version is that it does not offer up-front protection. THAT'S the critical function of the PRO/paid version: It will prevent infection from setting-in in the first place, both my monitoring files as they're executed, as well as monitoring URLs, blocking those it believes to be bad. It's a one-time investment per machine (with the right to transfer that license from one machine to another, provided you "retire" usage of MBAM PRO on the former).
If you check various malware-removal forums, you'll see that MBAM [Free] is often the first tool they use to try to remove an infection. Any infection that MBAM Free can remove, after the fact,
could have been prevented, had the person been using MBAM PRO! In my opinion, it's worth every penny. Indeed, it's the only paid program that I strongly advocate --- in general, I think free programs (including of course, Avast), do a very good job.
EDIT / P.S. If you're considering MBAM PRO, now is the time to buy --- they're running a "Black Friday" 40% off sale this weekend (through Dec. 2nd):
http://www.malwarebytes.org/blackfriday/