Personalised Settings/ Services.exe

Hello,

A couple of days ago I posted the following message hoping that someone could help me, but there was no answer. I post the same message again:

I have a real problem with my PC and I do not know how to solve it. Today I run a keygen that was not a keygen. It is an exe file called services.exe, once I run it started to install something in my PC. When I saw this, because there was a small dialogue box on the screen I switched the PC OFF.

The problem is that then when I started the PC the process goes on again, so I disconnected my router and the computer hangs in there, with a small rectangle (dialogue box) of the services.exe

I had tried to restart my PC with a floppy disk for windows '98 and XP but none of them make a full restart because the C:\ drive is not recognised. I do get a message that some virus could be the reason. I do believe the problem is that those floppies are for FAT systems and my PC is in NTSC. I have Win XP SP3 in my PC.

Just now I started the PC with internet access and what it does is:

WinXP starts as usual, but after writing my password, it does not go into the start menu with all the icons. It just hangs with the small dialogue box (rectangular) with the following message:

“Setting up personalised settings for:
C:\Program Files\Services.exe”

My idea was to start with a floppy and delete this file, but I had no luck.

More info: When I start with internet access and when the above message is in the screen, I can see the router working and there is data coming or going out because the router lights are flashing.

The question is: How can I get access to my PC again? How do I get rid of this “services.exe” file?

I do have installed Avast and SpyBot in my PC.

Any assistance on how to regain control of my PC and clearing this problem it will be appreciated!!

Thanking in advance.

Regards,

Carlos

  1. Try to run avast booting at Safe Mode.
  2. Or boot in Safe Mode and run DrWeb CureIT! instead.
  3. Or use the Avira rescue CD. Download the file, or get someone to do it for you, double click on file, and you will be prompted to burn to CD. Insert CD into the infected PC and boot up. Choose option 2 for virus scanning. Choose language, then PRESS SPACE, then enter. The download is updated daily. Good luck and post back.
    http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html

Thanks for your answer.

I had run the file you suggested, no viruses were found.

Then, I attempted to run a system recovery from WinXP Pro with the setup disks, it did it not work either, and now everytime I swith on the PC, it just get into a black screen, it seems to me that the only option left is just to reformat the HD and install everything again.

I connected my HD to another PC to transfer data and it says the HD is not formatted, which is crazy.
Do you now of any way how I could recover the data?

Thanks for any suggestions you may have.

HI,

since my last post I managed to recover the HD partition, saved me data, and at the moment with the PC in Safe mode with Dr Web running.

Tomorrow I write again with more details.

Cheers,

Carlos

Hi,

This is an update on this virus issue.

I run the Avira rescue cd, but it only either find the viruses or rename those files, but the files are not deleted. So it did not help me much.

Then, I managed to start the PC in safe mode and run Dr Web (I think its called). This time because of the amount of data in the HD needed a few hours to run. It was very late at night and decided to stop it, delete many files already recovered and continue with the scan the following morning. The next morning did not give me the chance to start in safe mode.

So I reformatted the HD and reinstalled Windows again.

The software I used to recover my data is “Testdisk”, it may be downloaded from

http://www.cgsecurity.org/wiki/TestDisk_Download

A very useful utility to recover data.

After the data was recovered I thought to make a fresh start, because it should take me less time than cleaning the HD.

Thanks, very much for your assistance with this trouble.

Cheers,

Carlos

The renamed files are, in general, inert. You can search for them later (by extension) and manual delete them.

There isn’t that much we can do now… hope we get the experience, be safe, be protected and surf safely now…