services.exe (5.1.2600.0)

Contenu dans le logiciel
Nom:	Windows XP Home Edition, Deutsch
Permis:	commercial
Lien de l'information:	http://www.microsoft.com/windowsxp/
Détails de dossier
Chemin de dossier:	C:\WINDOWS\system32 \ services.exe
Date de dossier:	2002-08-29 14:00:00
Version:	5.1.2600.0
Volume de fichier:	101.888 bytes
La somme et le dossier hache
CRC32:	59F4EF56
MD5:	A87C 3A6B 407F B3B2 2C56 6315 607C E229
SHA1:	9ECF 5BAC 16A2 F63E 0141 7565 E5CC D065 2845 4A2F
L'information de ressource de version
Nom de compagnie:	Microsoft Corporation
Description de dossier:	Anwendung f�r Dienste und Controller
Logiciel d'exploitation de dossier:	Windows NT, Windows 2000, Windows XP, Windows 2003
Type de dossier:	Application
Version de dossier:	5.1.2600.0
Nom interne:	services.exe
Copyright légal:	� Microsoft Corporation. Alle Rechte vorbehalten.
Nom de fichier original:	services.exe
Nom de produit:	Betriebssystem Microsoft� Windows�
Version de produit:	5.1.2600.0

services.exe a été trouvé dans les rapports suivants:


Adware.Replace
Détails techniques ...1.01.00.dll Services.exe When Adware.Replace is executed,... ...Creates the following files: %System%ServicesServices.exe 1.01.00.dll... ..."xpsystem"="%system%ServicesServices.exe" in the registry key:... ...in the [windows] section: run=%system%ServicesServices.exe load=%system%ServicesServices.exe... ...[windows] run=%system%ServicesServices.exe load=%system%ServicesServices.exe... Instructions de déplacement ..."xpsystem"="%system%ServicesServices.exe" Exit the Registry Editor.... ...look for a line similar to: run=%system%ServicesServices.exe load=%system%ServicesServices.exe... ...[windows] run=%system%ServicesServices.exe load=%system%ServicesServices.exe... Source: http://securityresponse.symantec.com/avcenter/venc/data/adware.replace.html
Adware.Clickbank
Détails techniques ...File names: Services.exe When Adware.Clickbank is run,... ...Copies itself as %Windir%system32inetsrvServices.exe. Note: %Windir% is a variable.... ..."SuperBar.Component" = %windir%system32inetsrvservices.exe "AdRotator.Application"... ..."{357AA41A-B7A8-4632-A27D-5B980B25CF43}" = %windir%system32inetsrvservices.exe to the registry key:... Instructions de déplacement ..."SuperBar.Component" = %windir%system32inetsrvservices.exe "AdRotator.Application"... Source: http://securityresponse.symantec.com/avcenter/venc/data/adware.clickbank.html
W32.HLLW.Kazping
Détails techniques ...Copies itself as %Windir%Services.exe NOTE: %Windir% is a variable.... ...Adds the value: "Services.EXE"="%windir%services.exe"... ...HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersion RunServices Copies itself to the following... Recommandations ...Turn off and remove unneeded services. By default, many operating... ...telnet, and a Web server. These services are avenues of attack. If they are removed, blended... ...If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.... ...Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.... Instructions de déplacement ...the worm runs as>" "Services.EXE"="%windir%services.exe"... ...HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersion RunServices In the right pane, delete... ...the value: "Services.EXE"="%windir%services.exe"... Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.kazping.html
W32.Neveg.B@mm
Détails techniques ...Copies itself as %Windir%systemservices.exe. Note: %Windir% is a variable... ...".Prog" = "%Windir%systemservices.exe" "BuildLab" = "%Windir%systemservices.exe"... ..."ccApps" = "%Windir%systemservices.exe" "FriendlyTypeName"... ..."Microsoft Visual SourceSafe" = "%Windir%systemservices.exe" "RegDone" = "%Windir%systemservices.exe"... ..."TEXTCONV" = "%Windir%systemservices.exe" "WMAudio" = "%Windir%systemservices.exe"... Recommandations ...Turn off and remove unneeded services. By default, many operating... ...telnet, and a Web server. These services are avenues of attack. If they are removed, blended... ...If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.... ...Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.... Instructions de déplacement ...".Prog" = "%Windir%systemservices.exe" "BuildLab" = "%Windir%systemservices.exe"... ..."ccApps" = "%Windir%systemservices.exe" "FriendlyTypeName"... ..."Microsoft Visual SourceSafe" = "%Windir%systemservices.exe" "RegDone" = "%Windir%systemservices.exe"... ..."TEXTCONV" = "%Windir%systemservices.exe" "WMAudio" = "%Windir%systemservices.exe"... Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.neveg.b@mm.html
W32.Neveg.C@mm
Détails techniques ...Copies itself as %WinDir%systemservices.exe. Note: %Windir% is a variable... ...".Prog"="%Windir%systemservices.exe" "BuildLab"= "%Windir%systemservices.exe"... ..."ccApps"="%Windir%systemservices.exe" "FriendlyTypeName"="%Windir%systemservices.exe"... ..."Microsoft Visual SourceSafe"="%Windir%systemservices.exe" "RegDone"="%Windir%systemservices.exe"... ..."TEXTCONV"="%Windir%systemservices.exe" "WMAudio"="%Windir%systemservices.exe"... Recommandations ...Turn off and remove unneeded services. By default, many operating... ...telnet, and a Web server. These services are avenues of attack. If they are removed, blended... ...If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.... ...Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.... Instructions de déplacement ...".Prog"="%Windir%systemservices.exe" "BuildLab"= "%Windir%systemservices.exe"... ..."ccApps"="%Windir%systemservices.exe" "FriendlyTypeName"="%Windir%systemservices.exe"... ..."Microsoft Visual SourceSafe"="%Windir%systemservices.exe" "RegDone"="%Windir%systemservices.exe"... ..."TEXTCONV"="%Windir%systemservices.exe" "WMAudio"="%Windir%systemservices.exe"... Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.neveg.c@mm.html
W32.XTC.Worm
Évaluation de menace ...Name of attachment: Services.exe Size of attachment:... Recommandations ...Turn off and remove unneeded services. By default, many operating... ...telnet, and a Web server. These services are avenues of attack. If they are removed, blended... ...If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.... ...Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.... Instructions de déplacement ... The Services.exe worm program runs as a service.... ...before you can delete it. To remove Services.exe from memory In the registry, search for... ...In the Windows (Windows 9x) or WINNT (Windows NT2000) directory, delete Services.exe. Note:... ...Be careful not to remove the file c:winntsystem32services.exe (a Windows NT system file.)... Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.xtc.worm.html
W32.Servese
Détails techniques ...makes a copy of itself as: WindowsServices.exe It then adds the value... ...HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServicesOnce It then exits.... Instructions de déplacement ...If the detected file is about 23 KB in size and the name is Services.exe, just you can delete this file.... ...... Source: http://securityresponse.symantec.com/avcenter/venc/data/w32.servese.html

Navigation

Passez en revue les dossiers

• de nom

services.exe (5.1.2600.0)

Contenu dans le logiciel

Détails de dossier

La somme et le dossier hache

L'information de ressource de version

services.exe a été trouvé dans les rapports suivants:

Adware.Replace

Adware.Clickbank

W32.HLLW.Kazping

W32.Neveg.B@mm

W32.Neveg.C@mm

W32.XTC.Worm

W32.Servese

Navigation