mscalafasd
asked on
Can these files be safely removed from Windows Server 2003?
Hello,
Been having an issue with an infected Server 2003 Standard machine running Exchange Server 2003. It's been sending tons of SPAM out and processes are jumping all over the place in task manager, CPU is going from 17% to 40% to 100% very erratic.
Finally used Emisoft Anti-Malware and it actually found some things running. I had tried all kinds of root kit tools and they all came up clean.
My question is that it is reporting that the following files are infected or dangerous:
C:\windows\system32\LocalS
C:\windows\system32\rpcser
C:\windows\system32\mui\sv
I'm worried if I clean or really more worried if I delete these files that it will mess up the server even worse... are these required for Windows to function?
Thanks!
Matt
Been having an issue with an infected Server 2003 Standard machine running Exchange Server 2003. It's been sending tons of SPAM out and processes are jumping all over the place in task manager, CPU is going from 17% to 40% to 100% very erratic.
Finally used Emisoft Anti-Malware and it actually found some things running. I had tried all kinds of root kit tools and they all came up clean.
My question is that it is reporting that the following files are infected or dangerous:
C:\windows\system32\LocalS
C:\windows\system32\rpcser
C:\windows\system32\mui\sv
I'm worried if I clean or really more worried if I delete these files that it will mess up the server even worse... are these required for Windows to function?
Thanks!
Matt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I looked on two of my 2003 servers and these files dont exist. Just to be on the safe side, I would suggest that you add the extension .tobedeleted to these files and see how your server behaves.
I wouldnt recommend deleting any files rather move but check the below
Your Windows Server 2003 computer may experience an access violation in Svchost.exe when it becomes extremely low on resources
http://support.microsoft.com/kb/829994
Not sure about these files though
C:\windows\system32\LocalS
C:\windows\system32\rpcser
- Rancy
Your Windows Server 2003 computer may experience an access violation in Svchost.exe when it becomes extremely low on resources
http://support.microsoft.com/kb/829994
Not sure about these files though
C:\windows\system32\LocalS
C:\windows\system32\rpcser
- Rancy
ASKER