I've got a domain controller/file/print server running W2k SP4 that has McAfee VirusScan Enterprise 7.1 on it. The last couple weeks we've been getting the following warning........The file C:\WINNT\system32\PSEXESVC.EXE is infected with the RemAdm-ProcLaunch Program. Delete failed, quarantine failed. Detected using Scan engine version 4.3.20 DAT version 4410.(from Server IP 18.104.22.168 user SYSTEM running VirusScan EntSv 7.1.0 OAS). We've been running this virus scan on the machine for about a month or more. There were no problems until just recently.
I know Sysinternals has some PStools that you can use to remotely manage PCs. There is also a service on my server called PSEXESVC that is not running and it set to manual. I've got other W2k servers w/SP4 and none of them have this service. I'm not finding any information about where this service came from or why it's on this particular one and not the others. I've looked on McAfee's web site and read that it's not a virus, but a potentially dangerous program. I would like to know why this server has this service for one. I didn't build this server; I need to know if I need this service and/or file.