service.exe

  • Thread starter Thread starter pippo
  • Start date Start date
P

pippo

I have a file in my windows\system folder called "service.exe". I never
run it although it
constantly seems to be running, i know this not because it shows up in the
(ctrl)-(alt)-(delete) menu, but because windows tells me it can't delete it
because it's in use by windows. Why the heck is my firewall asking me if i
want to let it access the internet and when i say "yes", the
next question to come up is "Do you want to allow service.exe to act as a
server?"? is it just me or do all Win ME users have a file like this? Can
anyone suggest how to rid myself of it?
 
Services.exe is a necessary file/process for Windows 2000/XP. Anytime you are in
doubt, run a virus scan on your computer with the very latest virus definitions. You
can also search Google for a process or executable name to find more information
about it and the possibility of it being something bad. I also suggest running SpyBot
Search and Destroy to check for parasites and in advanced mode/tools it has a nice
process tracker/mapper and using something like Fport or TcpView to see what
applications/process are listening or connected to the internet. Software firewalls
do not always distinguish between what is the internet as we think of it and what is
not. If you are on a lan, it will help to add the lan network address to the trusted
list and a lot of those access massages will go away. Many time a firewall will also
report access to itself by ip address as shown in ipconfig /all or 127.0.0.1 as an
attempt to the internet. You should not generally allow services to access real
internet addresses and not act as a server to them unless you are allowing inbound
access from a particular trusted ip address. W2K/XP Pro will try to access your ISP
dns servers on port 53 UDP if you do not disable "register this connection" in dns
properties in tcp/ip if you are not a W2K domain member for reasons other that name
resolution. You also should disable file and print sharing if you do not use it. In
general it is better to deny access, particularly if you are a stand alone computer,
keeping in mind that if something does not work right you may need to go back and
change the setting. Personal firewalls can also be configured not to bother you again
about a particular access issue. --- Steve

http://www.microsoft.com/security/protect/
http://www.safer-networking.org/
http://www.sysinternals.com/ntw2k/source/tcpview.shtml
 
Back
Top