Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2054
  • Last Modified:

Can't delete/remove grpconv.exe

We're doing some vulnerability remediation and grpconv.exe keeps coming up. The file is located in c:\windows\system32\. I am aware that grpconv.exe is used to convert legacy start menu items to a newer format. This is a Windows Server 2003 SP2 system, and so grpconv.exe is not needed on the server.

If I delete or rename c:\windows\system32\grpconv.exe, the file reappears after a few seconds. That's a clear warning sign. However, neither a Trend Micro manual scan or HijackThis reports anything odd on this system.

Thoughts/ideas?
0
puryear-it
Asked:
puryear-it
1 Solution
 
OP_ZaharinCommented:
hi,
- try to remove it using remover tool specifically for removing GrpConv:
http://www.securitystronghold.com/gates/grpconv.html

- or manually remove it using this method:
http://comprolive.com/remove/harmful/exe/ctfmon-exe-service-exe-wininet-exe-grpconv-exe
0
 
puryear-itAuthor Commented:
BTW, the simplest solution is to just reboot the server in Safe Mode and delete the files manually. So that's done.
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now