Solved

Can't delete/remove grpconv.exe

Posted on 2011-03-24
2
1,960 Views
Last Modified: 2013-11-22
We're doing some vulnerability remediation and grpconv.exe keeps coming up. The file is located in c:\windows\system32\. I am aware that grpconv.exe is used to convert legacy start menu items to a newer format. This is a Windows Server 2003 SP2 system, and so grpconv.exe is not needed on the server.

If I delete or rename c:\windows\system32\grpconv.exe, the file reappears after a few seconds. That's a clear warning sign. However, neither a Trend Micro manual scan or HijackThis reports anything odd on this system.

Thoughts/ideas?
0
Comment
Question by:puryear-it
2 Comments
 
LVL 23

Accepted Solution

by:
OP_Zaharin earned 125 total points
ID: 35206582
hi,
- try to remove it using remover tool specifically for removing GrpConv:
http://www.securitystronghold.com/gates/grpconv.html

- or manually remove it using this method:
http://comprolive.com/remove/harmful/exe/ctfmon-exe-service-exe-wininet-exe-grpconv-exe
0
 

Author Comment

by:puryear-it
ID: 35215474
BTW, the simplest solution is to just reboot the server in Safe Mode and delete the files manually. So that's done.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
vMware vShield Endpoint 6.0 4 96
Moving RDP Server to New Server. 3 66
What is this Task? 4 132
Way to setup network drive share permanently mapped to server 3 73
The purpose of this Article is to provide information for a newly released variant of malware – with the assumption that many EE Members will have need of the information. According to “Computerworld”, well over one million web sites have been co…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question