|
services.exe (5.1.2600.0)
包含在软件 |
名字: | Windows XP Home Edition, Deutsch |
执照: | 商业 |
信息链接: | http://www.microsoft.com/windowsxp/ |
文件细节 |
文件道路: | C:\WINDOWS\system32 \ services.exe |
文件日期: | 2002-08-29 14:00:00 |
版本: | 5.1.2600.0 |
文件大小: | 101.888 字节 |
检查和和文件hashes |
CRC32: | 59F4EF56 |
MD5: | A87C 3A6B 407F B3B2 2C56 6315 607C E229 |
SHA1: | 9ECF 5BAC 16A2 F63E 0141 7565 E5CC D065 2845 4A2F |
版本资源信息 |
公司名称: | Microsoft Corporation |
文件描述: | Anwendung fr Dienste und Controller |
文件操作系统: | Windows NT, Windows 2000, Windows XP, Windows 2003 |
文件类型: | Application |
文件版本: | 5.1.2600.0 |
内部名: | services.exe |
法律版权: | Microsoft Corporation. Alle Rechte vorbehalten. |
原始的文件名: | services.exe |
产品名称: | Betriebssystem Microsoft Windows |
产品版本: | 5.1.2600.0 |
services.exe 被发现了在以下报告:
|
Adware.Replace |
技术细节 ...1.01.00.dll Services.exe When Adware.Replace is executed,... ...Creates the following files: %System%ServicesServices.exe 1.01.00.dll... ..."xpsystem"="%system%ServicesServices.exe" in the registry key:... ...in the [windows] section: run=%system%ServicesServices.exe load=%system%ServicesServices.exe... ...[windows] run=%system%ServicesServices.exe load=%system%ServicesServices.exe... 撤除指示 ..."xpsystem"="%system%ServicesServices.exe" Exit the Registry Editor.... ...look for a line similar to: run=%system%ServicesServices.exe load=%system%ServicesServices.exe... ...[windows] run=%system%ServicesServices.exe load=%system%ServicesServices.exe... 来源: http://securityresponse.symantec.com/avcenter/venc/data/adware.replace.html |
Adware.Clickbank |
技术细节 ...File names: Services.exe When Adware.Clickbank is run,... ...Copies itself as %Windir%system32inetsrvServices.exe. Note: %Windir% is a variable.... ..."SuperBar.Component" = %windir%system32inetsrvservices.exe "AdRotator.Application"... ..."{357AA41A-B7A8-4632-A27D-5B980B25CF43}" = %windir%system32inetsrvservices.exe to the registry key:... 撤除指示 ..."SuperBar.Component" = %windir%system32inetsrvservices.exe "AdRotator.Application"... 来源: http://securityresponse.symantec.com/avcenter/venc/data/adware.clickbank.html |
W32.HLLW.Kazping |
技术细节 ...Copies itself as %Windir%Services.exe NOTE: %Windir% is a variable.... ...Adds the value: "Services.EXE"="%windir%services.exe"... ...HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersion RunServices Copies itself to the following... 推荐 ...Turn off and remove unneeded services. By default, many operating... ...telnet, and a Web server. These services are avenues of attack. If they are removed, blended... ...If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.... ...Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.... 撤除指示 ...the worm runs as>" "Services.EXE"="%windir%services.exe"... ...HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersion RunServices In the right pane, delete... ...the value: "Services.EXE"="%windir%services.exe"... 来源: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.kazping.html |
W32.Neveg.B@mm |
技术细节 ...Copies itself as %Windir%systemservices.exe. Note: %Windir% is a variable... ...".Prog" = "%Windir%systemservices.exe" "BuildLab" = "%Windir%systemservices.exe"... ..."ccApps" = "%Windir%systemservices.exe" "FriendlyTypeName"... ..."Microsoft Visual SourceSafe" = "%Windir%systemservices.exe" "RegDone" = "%Windir%systemservices.exe"... ..."TEXTCONV" = "%Windir%systemservices.exe" "WMAudio" = "%Windir%systemservices.exe"... 推荐 ...Turn off and remove unneeded services. By default, many operating... ...telnet, and a Web server. These services are avenues of attack. If they are removed, blended... ...If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.... ...Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.... 撤除指示 ...".Prog" = "%Windir%systemservices.exe" "BuildLab" = "%Windir%systemservices.exe"... ..."ccApps" = "%Windir%systemservices.exe" "FriendlyTypeName"... ..."Microsoft Visual SourceSafe" = "%Windir%systemservices.exe" "RegDone" = "%Windir%systemservices.exe"... ..."TEXTCONV" = "%Windir%systemservices.exe" "WMAudio" = "%Windir%systemservices.exe"... 来源: http://securityresponse.symantec.com/avcenter/venc/data/w32.neveg.b@mm.html |
W32.Neveg.C@mm |
技术细节 ...Copies itself as %WinDir%systemservices.exe. Note: %Windir% is a variable... ...".Prog"="%Windir%systemservices.exe" "BuildLab"= "%Windir%systemservices.exe"... ..."ccApps"="%Windir%systemservices.exe" "FriendlyTypeName"="%Windir%systemservices.exe"... ..."Microsoft Visual SourceSafe"="%Windir%systemservices.exe" "RegDone"="%Windir%systemservices.exe"... ..."TEXTCONV"="%Windir%systemservices.exe" "WMAudio"="%Windir%systemservices.exe"... 推荐 ...Turn off and remove unneeded services. By default, many operating... ...telnet, and a Web server. These services are avenues of attack. If they are removed, blended... ...If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.... ...Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.... 撤除指示 ...".Prog"="%Windir%systemservices.exe" "BuildLab"= "%Windir%systemservices.exe"... ..."ccApps"="%Windir%systemservices.exe" "FriendlyTypeName"="%Windir%systemservices.exe"... ..."Microsoft Visual SourceSafe"="%Windir%systemservices.exe" "RegDone"="%Windir%systemservices.exe"... ..."TEXTCONV"="%Windir%systemservices.exe" "WMAudio"="%Windir%systemservices.exe"... 来源: http://securityresponse.symantec.com/avcenter/venc/data/w32.neveg.c@mm.html |
W32.XTC.Worm |
威胁评估 ...Name of attachment: Services.exe Size of attachment:... 推荐 ...Turn off and remove unneeded services. By default, many operating... ...telnet, and a Web server. These services are avenues of attack. If they are removed, blended... ...If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.... ...Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services.... 撤除指示 ... The Services.exe worm program runs as a service.... ...before you can delete it. To remove Services.exe from memory In the registry, search for... ...In the Windows (Windows 9x) or WINNT (Windows NT2000) directory, delete Services.exe. Note:... ...Be careful not to remove the file c:winntsystem32services.exe (a Windows NT system file.)... 来源: http://securityresponse.symantec.com/avcenter/venc/data/w32.xtc.worm.html |
W32.Servese |
技术细节 ...makes a copy of itself as: WindowsServices.exe It then adds the value... ...HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServicesOnce It then exits.... 撤除指示 ...If the detected file is about 23 KB in size and the name is Services.exe, just you can delete this file.... ...... 来源: http://securityresponse.symantec.com/avcenter/venc/data/w32.servese.html |
|
|