Running XP with SP2, and I know where services.exe is supposed to be, but I'm concerned that the one I have in there is a Trojan of some type because I get firewall notifications of services.exe trying to initiate contact with IP addresses in China. I've done Windows Updates except for Service Pack 3 and IE.
There are also other services.exe on my drive in other locations, with later build numbers. I have checked and there are no "service.exe" files, just the plural "serviceS.exe"
No scans I've run (even Malwarebytes' Anti-Malware--which I was told was best for the services.exe trojans) pick up any malware at all (even when I scan the "services.exe" files. But I'm skeptical of their results because of the attempted HTTP traffic iniitated from services.exe.
- What is the information I should have for my services.exe file (size, date, build) if it's authentic?
- What other steps should I take?
Edit: Oh, and I have looked at the other "services.exe" trojan info I've seen on Google searches and none of those seem to fit this situation. I hesitate to think I am special enough to have a new one, but I sure am confused by it!
Edited by Gondring, 28 April 2009 - 08:50 AM.