Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Services.exe starting a VIRUS?????

Status
Not open for further replies.
lselbach

lselbach

MIS
Jun 8, 1999
6
0
0
hi, pals. I´m passing thru a really annoying situation. After a hang in my system, wich took out about 10 keys from the RUN subkey on the register, i started to think that i could be a virus victim. Although running Norton Internet Security and Norton Antivirus and allways updating them, i believe that this virus has installed as a win2k service, running very low and deactivating my antivirus and my firewall.
After removing NIS and NAV with a Symantec´s utility, i´ve reinstalled them and updated. After that, NIS report me an alert to SERVICES.ESE who was trying to establish a connection using UDP. I´ve blocked the app and i´m still trying to find wherever this virus can be.
If you know the proccess, access the list of services at


and tell me something.
I´m sending this message to symantec too.

regards and tks for all



-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
Skywalker
May the force be with you - always
Visit my website at
 
Sort by date Sort by votes
what is the date and time of services.exe and what service pack are you using? where is it trying to connect? you got anything that will tell you where it wants to go?
 
Upvote 0 Downvote
reason i'm asking is that services is SUPPOSED to do stuff like that as it services other processes with dhcp, dns, time and other calls.
 
Upvote 0 Downvote
If you really want to be safe, try Hauri's ViRobot Expert, its a much more solid scanner than Norton. I like it a lot.
Read this article, it convinced me... It can clean viruses from running processes, which Norton cannot. This would be especially useful to you, I think.


Matt
 
Upvote 0 Downvote
in order:
- the date is 7-1-2002, 8:34, 87Kb. My question is´nt if the services.exe is infected, but if the crackers could insert in the windows services a trojan horse.

- Matt, i´ve tried Hauri and it freezed my system, restarting after logon. I had to uninstall from safe mode. Got back to NIS and NAV 2002.

Have you seen the services at
???????

I think that there is something there to be viewed.

regards and tks for answering.

-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
Skywalker
May the force be with you - always
Visit my website at
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Flinx
  • Locked
  • Question
the SAGA of trying to get a computer to sleep and wake up on a schedule
Replies
1
Views
252
Flinx
Flinx
Sebastian42
  • Locked
  • Question
Getting a drive REdetected
Replies
18
Views
233
Rick998
Rick998
Deniall
  • Locked
  • Question
AutoHotKey for a very simple task 1
Replies
5
Views
136
Deniall
Deniall
dpellegrini
  • Locked
  • Question
Unable to map a drive
Replies
12
Views
204
dpellegrini
dpellegrini
dik
  • Locked
  • Question
Deleting a file 1
Replies
13
Views
115
dik
dik

Part and Inventory Search

Sponsor

Back
Top