There is likely an easier solution than this but the way I would do it is run ProcessMonitor
on the server. Filter it to just that directory and delete the file. You should see it log an action of what program is recreating the file. I would guess it is either a service or an exe running in background watching that folder to see if the file gets deleted or altered.
Edit: I am sure you know this but be careful changing passwords on the administrative accounts usually a whole bunch of stuff breaks when you do that on a server
Edited by thefr34k, 01 December 2011 - 01:38 PM.