Solved

Can't delete/remove grpconv.exe

Posted on 2011-03-24
2
2,005 Views
Last Modified: 2013-11-22
We're doing some vulnerability remediation and grpconv.exe keeps coming up. The file is located in c:\windows\system32\. I am aware that grpconv.exe is used to convert legacy start menu items to a newer format. This is a Windows Server 2003 SP2 system, and so grpconv.exe is not needed on the server.

If I delete or rename c:\windows\system32\grpconv.exe, the file reappears after a few seconds. That's a clear warning sign. However, neither a Trend Micro manual scan or HijackThis reports anything odd on this system.

Thoughts/ideas?
0
Comment
Question by:puryear-it
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 23

Accepted Solution

by:
OP_Zaharin earned 125 total points
ID: 35206582
hi,
- try to remove it using remover tool specifically for removing GrpConv:
http://www.securitystronghold.com/gates/grpconv.html

- or manually remove it using this method:
http://comprolive.com/remove/harmful/exe/ctfmon-exe-service-exe-wininet-exe-grpconv-exe
0
 

Author Comment

by:puryear-it
ID: 35215474
BTW, the simplest solution is to just reboot the server in Safe Mode and delete the files manually. So that's done.
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question