I am now certain the files were malicious. It could have been a trojan, it could have been spyware, it could have been adware.
No legitimate application would be named taskmgr, and have the company field set to "Microsoft". That is clearly an attempt at hididng it. The "real" taskmgr.exe (and there is only one), should sit in "c:\windows\system32". That means the one in "c:\windows" was probably the fake one. Try comparing the two filesizes.
I went into the properties and they are all microsoft applications.
That just shows the contents of the 'company' tag, which the software developer can set as they like. If someone wants to hide something, "Microsoft" seems a very logical thing to set as the company rather than "TrojanWare Inc.".
Sometimes viewing an exe in a hex editor will reveal some tell-tale strings. If everything looks like garbage except ".....LOG.KEYBOARD.EVENTS....." and ".....CORRUPT.WINDOWS.INSTALLATION...." you know its most likely not too innocent. Then again its easy to compress EXEs in which case viewing the code would tell you nothing.