Re: Flush.exe & Flushserv.exe

From: H C (
Date: 07/31/02

Date: Wed, 31 Jul 2002 12:54:10 -0700 (PDT)
From: H C <>
To: Jeremy Broadway <>,


If these files are still running on the system, here's
what I would suggest...

Get a complete view of the running processes by using
the following commands:

handle.exe (SysInternals)
pslist.exe (SysInternals)
listdlls.exe (SysInternals)
fport.exe (FoundStone)
'netstat -a' (native)

Run these commands and redirect the output of each to
a file. Then go to and get either
the Perl script, or the pd.exe executable
(Perl script w/ a GUI compiled into a standalone EXE)
in the archive Either one of these two will
parse through the above 5 files you've created, and
produce an output file similar to:

This is a little easier to read, and may help you
determine something more about these files. Given the
previous thread you mentioned, perhaps running
find.exe on your IIS log files, looking for either
file, would give you something to work with.

HTH...if you have any questions, drop me a line.

--- Jeremy Broadway <> wrote:
> These files were discussed approximately one year
> ago, but the thread is
> lacking a lot of information, I was hoping some of
> you guys have some
> more information on these files. The previous
> thread is located here:
> Searching for the
> file names on Google turns up no information either.
> I found these on
> my exchange 2000 box when I was preparing to upgrade
> to exchange 2k sp3.
> Flushserv.exe was running as a service and I am not
> sure what it was
> doing. I'm not sure how it got on there either. It
> says the company
> name is American Megatrends Inc in the description
> of the file (however
> I am not running any of their hardware/software that
> I know of), the
> icon of it though looks like it was crudely drawn in
> ms paint, and the
> flush.exe icon is a standard mfc icon. I almost
> always patch the server
> within 2-3 days of a patch being released and Norton
> Antivirus CE 7.6
> does not detect it as a known virus. A few other
> people have access to
> that box and I will be talking with them today to
> see if they installed
> or changed anything recently.
> Software running on the server includes:
> Windows 2000 Server SP2 + all patches up to now
> IIS 5.0 + all patches and lockdown utilities.
> Arc Serve 2000
> Exchange 2k SP3
> Norton Antivirus CE 7.6 + related tools like the SSC
> console, AMS and
> Intel pds services.
> APC Powerchute Server
> HP Netraid Utility.
> Terminal Services (admin mode)
> Thanks for your help in advance!
> Jeremy Broadway
> Systems Administrator
> Office: 734-425-7977 x115
> Cell: 734-216-9359

Do You Yahoo!?
Yahoo! Health - Feel better, live better

Relevant Pages

  • Re: remove exchange 5.5 server without uninstalling
    ... If you could post the commands. ... > telnetting to port 25 on the server and acting like an SMTP server. ... >> dont want to remove exchange right now. ...
  • Flush.exe & Flushserv.exe
    ... my exchange 2000 box when I was preparing to upgrade to exchange 2k sp3. ... flush.exe icon is a standard mfc icon. ... Software running on the server includes: ... IIS 5.0 + all patches and lockdown utilities. ...
  • Re: Relay Error?
    ... The error is being *reported* by Exchange, but the error came from the ... thinking that it's a configuration issue with my Exchange Server. ... Was it the RCPT TO ... Are you sure that the commands you used in your telnet session were ...
  • RE: setup / forestprep & setup/domainprep
    ... Thank you for using Microsoft Small Business Server newsgroups. ... Domainprep commands in SBS/Windows 2003. ... configure the Active Directoy for the installation of Exchange 2000/2003. ... These commands will not make changes to standard Active Directory settings, ...
  • Re: Online Status icon unclear
    ... With POP account/Allow Online Access, and Leave Messages on the Server, I do ... the green-wires on-server icon, as you say. ... Now I can't speak for Exchange accounts, ...