services.exe keeps connecting to internet, i have internet security, so i know what connecting. it just started all of a sudden recently, and is pretty annoying. is something i need? is it something i installed with another program? is there a reason it keeps trying to connect? Please help.
Services.exe is a Microsoft Application that is used only in Windows NT 4, 2000, and XP for starting, stopping, and interacting with system services. By chance , do you have your Remote Access Service (RAS)activated on your PC ? Now if you are talking about service.exe -- that's a very different situation -- It is a Trojan.--a new worm exploiting the 'Windows RPC Service' vulnerability . When the worm is executed, it tries to download additional files from the IP address 212.59.199.45, installs a backdoor and starts scanning random IP ranges for unprotected machines. When the worm finds an unpatched system, it creates a 7bit encoded file called DOWN.COM (8954 bytes) on the victim machine and executes it with IP address and a port number of the attacking host. The file will uses the Internet Explorer to download additional files from the attacking host, rather than downloading it from the IP address mentioned above. The files are downloaded to the SYSTEM folder: NTROOTKIT.EXE (128000 bytes) Backdoor Trojan NTROOTKIT.REG (245 bytes) Backdoor Trojan Regfile SERVICE.EXE (27136 bytes) Application to install Services SVCHOST32.EXE (14880 bytes) The worm itself SVCHOST.CMD (132 bytes) Batchfile Security Patches are available on Microsoft Update Page to counteract this vulnerability.
It's services.exe, not sure if my Remote Access is on, does it need to be on, where is it so i can check? thank for replying.
