"serivces.exe" process (how to remove ?)

[The Incredible]

heyz!

i have an old desktop with winXP running on it. It got infected by some penDrive, and now if I press any key more than once in succession, it won't work.

e.g, if I press '2', it writes '2' but if I again press '2', nothing happens.

i opened task manager and found a process "serivces.exe", obviously I tried ending it, some other processes "net1", "CMD" reruns it.

next i found a file "serivces.exe" in C:\Windows\system32\
so, i ended the process and immediately shredded the file.

But the problem remains!

Any Solution ?

[arpanmukherjee1]

its a virus and had multiple copies of itself.

use a online scanner or kaspersky trial version

[The Incredible]

@arpanmukherjee

I already have AVG Anti-virus, but for some reasons I'm unable to update it. I guess if I try to install Kaspersky Trial Version, AVG's gonna create conflict.

Isn't there a removal tool ?

I don't think an Online Scanner will be able to remove the virus, it'll only detect.

[arpanmukherjee1]

Quote:

Originally Posted by The Incredible

Isn't there a removal tool ?

there may be, if u know the name of virus/worm. to find that out i suggested the online scanning

symantec IMO keeps updating its removal tool library

worms may prevent AV s/w like avira or AVG to update. also may slow internet speeds by diverting traffic

[pauldmps]

Try using Malwarebytes or some online scanner.

[Vyom]

Such viruses don't get removed easily. But I were in your place, I would have tried Norton Antivirus. It is most effective in cleaning threats easily. It's trial version would be more than useful.
Its better you make backup of your data from the OS partition, and clean re-install the XP.

[Sam]

download-install avast & do a boot scan. also try MBAM.

[The Incredible]

I removed my AVG and ZoneAlarm, installed Kaspersky Trial and ran a full scan, it found another virus Win32/Heur, but perhaps it was unable to remove so I deleted the detected files by a shredder.

The problem persists. The same key doesn't works more than once when pressed repeatedly without switching to any other key.

Guys, I can't install each and every Anti-virus software one after another, it'll take days to scan and without any definiteness of error-removal. For instance I've already tried 2 very popular anti-virus software.

Please help!

[Vyom]

Believe me pal, you system is so screwed at this time, there is no point in even trying to correct it. Now you have two options:

1. Just move the useful files to another drive, and reinstall XP, formatting the current OS.

2. If you want to retain this OS only:
Dual boot, by installing XP on another drive. Then from the new XP, without navigating to other drives, download and install latest Antivirus (any, but with latest updates). Then do deep scan of all drives. In the end, go to original XP, and delete the XP which you installed from the drive.

If you are willing to do step 2, I may write proper steps for it.

All de best.

[CA50]

@OP, you can't your already installed AV due to this virus, you can try installing Avast in the safe more and run a through boot time scan.

Alternately boot from some linux distro or windows XP live CD and manually find the executable and delete it, make sure you delete all the related files and registry datas as well, else it will regenerate itself.

After doing some googling, found this tool to remove service.exe virus
Unhack me

Reference Link

[The Incredible]

@CA50

it's "serivces.exe" not "services.exe"

ok, i'll see what i can do.

[pulkitpopli2004]

Quote:

Originally Posted by vineet369

Believe me pal, you system is so screwed at this time, there is no point in even trying to correct it. Now you have two options:

1. Just move the useful files to another drive, and reinstall XP, formatting the current OS.

i had to use the step 1 too... wasnt able to find any solution to this virus last tym..

[Zangetsu]

@The Incredible: Install Quick Heal Antivirus as it scans the whole system before installation...

[gk2k]

If you can post your startup list i.e msconfig->StartUp with the full command list shown I can help you. If you want to remove the virus doing it manually is the way.

[The Incredible]

@gk2k

in what manner do you want me to post it ? you want a printscreen ?

i just checked the startup list and there a 'something' without a name, so obviously I disabled it. Still not working.

To be precise, if I give a gap of 2 seconds in between pressing the same key, it works.

[Zangetsu]

^Did u tried as I said....Try it problem will be solved

[Vyom]

Quote:

Originally Posted by The Incredible

@CA50
it's "serivces.exe" not "services.exe"

Glad you cleared that, cause I was about to request the mods to change the name of thread, cause I thought OP has misspelled it

Quote:

Originally Posted by pulkitpopli2004

i had to use the step 1 too... wasnt able to find any solution to this virus last tym..

Just after re-installation you mustn't use any other drives, cause there can be viruses lurking in every nook and corner of the folders of other drives. First you need to download and update antivirus, then scan complete system. And then you can use other drives.
I repeat again, DOWNLOAD, not INSTALL FROM OTHER DRIVES!

Quote:

Originally Posted by The Incredible

@gk2k

in what manner do you want me to post it ? you want a printscreen ?

i just checked the startup list and there a 'something' without a name, so obviously I disabled it. Still not working.

To be precise, if I give a gap of 2 seconds in between pressing the same key, it works.

So, you are saying you still want to proceed with manual removal of the virus! You are one brave soul.

[gk2k]

@incredible a screen shot if msconfig is difficult a ccleaner screen shot is better.
@vineet369:
I had this type of virus and have removed it manually. I have done it countless times for my friends.
Viruses and worms are nothing but programs that exploit the flaw in the design of the OS

[The Incredible]

@Zangestu: sorry! i didn't.

@gk2k: i ran symantec online scanner and it reported "0 threats"

[Tech.Masti]

Try Malwarebyte, Superantispyware.... cloud antivirus like Panda cloud, hitman etc,.... All those are free....

Though i also thinks that format and reinstallation of os and then download of antivirus from net without using drive is the best idea....

[The Incredible]

thnx for all the suggestions,
i tried panda and within 50% of scanning it resulted in 4 threats, for some reasons i couldn't let the scan complete, and now i've to leave the town for 2 months.

i'll look into the matter when i'll return (but the computer would still be used by my family members), now that i know panda resulted in threats when next i'll run the scan i'll note down the threats and will try to remove them manually.

of course, then, i'll post the result here as well.

sorry for the delay and thanx for all the support and suggestions.

[Vyom]

Sure dude... happy journey... meet you after the break.... (probably )

[Zangetsu]

Quote:

Originally Posted by The Incredible

now that i know panda resulted in threats when next i'll run the scan i'll note down the threats and will try to remove them manually.

No use of pointing down the threats on piece of paper & removing them manually....

The threats cud be polymorphic...so u will be irritated in manual removal process


if u dnt implement the suggestions then y use ur own thinking....