services.exe - Dangerous
%windir%\services.exe
Manual removal instructions:
Antivirus Report of %windir%\services.exe:
%windir%\services.exe
I-Worm.Moodown.b
This worm spreads via the Internet as a file attached to infected emails.
Once launched, the worm displays a false error message on the screen: 'The file could not be opened'.
The worm copies itself to the Windows folder under the name 'services.exe' and adds the key:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"service" = "%windir%\services.exe -serv"
The worm also creates the unique identifier 'AdmSkynetJklS003' to flag its presence in memory.
The worm creates a number of copies of itself in all sub-directories on disks which contain the word 'share' or 'sharing' in the directory name.
The copies will be under names chosen from the predefined list.
The worm finds files with some extensions, searches them for email addresses and sends a copy of itself to the addresses found.
Infected messages have random headers and subject text.
Use RegRun Startup Optimizer to remove this worm.
| %windir%\services.exe | Malware |
| %windir%\services.exe | Dangerous |
| %windir%\services.exe | High Risk |
This worm spreads via the Internet as a file attached to infected emails.
Once launched, the worm displays a false error message on the screen: 'The file could not be opened'.
The worm copies itself to the Windows folder under the name 'services.exe' and adds the key:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"service" = "%windir%\services.exe -serv"
The worm also creates the unique identifier 'AdmSkynetJklS003' to flag its presence in memory.
The worm creates a number of copies of itself in all sub-directories on disks which contain the word 'share' or 'sharing' in the directory name.
The copies will be under names chosen from the predefined list.
The worm finds files with some extensions, searches them for email addresses and sends a copy of itself to the addresses found.
Infected messages have random headers and subject text.
Use RegRun Startup Optimizer to remove this worm.
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.