Service.exe Process

0 pts.
Tags:
Application security
Database
DataCenter
Development
Encryption
Incident response
Instant Messaging
Microsoft Exchange
Secure Coding
Security
Vulnerability Assessment & Audit
I have a w2k pro computer that is experiencing an incredible slowness, when I check the runing processes, I find service.exe is eating up over 90% of the cpu, starving out any other application/process. Has anybody come accross this problem and knows how to fix it? any suggestion would be appreciated. thanks.
ASKED: April 18, 2005  1:02 PM
UPDATED: June 8, 2005  1:57 AM

Answer Wiki

Thanks. We'll let you know when a new response is added.

sounds like a virus…See NOTE…

Process File: services or services.exe
Process Name: Windows Service Controller

Description:
services.exe is a part of the Microsoft Windows Operating System and manages the operation of starting and stopping services. This process also deals with the automatic starting of services during the comptuers boot-up and the stopping of servicse during shut-down. This program is important for the stable and secure running of your computer and should not be terminated.

Note: services.exe is also a process which is registered as the W32.Randex.R Trojan. This Trojan allows attackers to access your computer, stealing passwords and personal data. It is a registered security risk and should be removed immediately.

Discuss This Question: 3  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Howard2nd
    'Randex' or 'Sasser', when you have progressive memory leaks in Lsass and the 'Services' process next to it, you get to the point where 'Services' trying to start will consume all resources. If a restart pushes the sizes back down and things return to normal then it is likely to be a 'Sasser' variant, If not then 'Randex'. As there are several thousand clones out there I can not give specific removal suggestions. But a good start is the Microsoft malicious software removal tool.
    30 pointsBadges:
    report
  • Anannymouse
    Hello Everyone, I agree with aclark95 - sounds like a virus. The important point here is that the process is consuming an extra-ordinarily large amount of the processor. If it were not (and you were running a Dell machine or SCSI adapter) then it might not be. When checking services I have always found Google to be a great source of information. Just type in the name and away you go. If you would like a more targeted approach to identifying processes you can go to http://www.liutilities.com/ They consitantly provide good info even in the free write-ups. Here is what they have to say about Service.exe: Description: service.exe is a process belonging to the Dell Solution Center which offers worldwide technical support and training for it's products. This program is important for the stable and secure running of your computer and should not be terminated. This process is also intalled alongside Adaptec SCSI cards, and again should not be terminated unless causing problems. Note: service.exe is also a process which is registered as the Win32.Raleka worm. This virus is distributed via the Internet through e-mail and comes in the form of an e-mail message, in the hopes that you open it?s hostile attachment. The worm has it?s own SMTP engine which means it gathers E-mails from your local computer and re-distributes itself. In worst cases this worm can allow attackers to access your computer, stealing passwords and personal data. It is a registered security risk and should be removed immediately. Please see additional details regarding this process
    0 pointsBadges:
    report
  • Aljay165
    I use a program called ProcessExplorer.exe to identify exactly what is draining resources. It shows all running programs running in a directory tree view, so it will identify the specific program running under Services.exe that is draining resources.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following