Have a question on a startup process but didn't know what forum to post this up at so I picked security.
Hey I found a startup process called iservices.exe with the name kUD218Orbu but I only see this in Glary Utilities and not msconfig. I have searched the internet and found nothing about it. The only things that came up were services.exe with out the "i" or iservice.exe without the "s" not plural. Also when I ran firefox in my running processes I see that iservices was in front of my firefox process. I have ran Avira, malwarebytes, windows defender, and trend micros house call. Found nothing! Also I can not locate this file at all when I do a search for it? Is this a Windows 7 process or something from a program I installed? This thing is weird. oh and if anyone knows where a good forum for this subject please post it. Thanks.
Computer Type: PC/Desktop System Manufacturer/Model Number: Bruce ... somewhere in his 40's OS: Windows 7 Ultimate 32bit SP1 CPU: Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz Motherboard: INTEL/D975XBX2 Memory: 4 GB Graphics Card: ATI Radeon HD 2600 Pro Monitor(s) Displays: Samsung SyncMaster 914v Screen Resolution: 1280 x 1024 Keyboard: Standard PS/2 Keyboard Mouse: Microsoft PS/2 Mouse PSU: Rocketfish 700 W Case: G.Skill Gigabyte Chassis Hard Drives: 2/500GB each ... ST3500630AS ATA Device.
One is not connected Internet Speed: DSL Browser: IE 11 Antivirus: Avira Internet Security Other Info: ATI HDMI Audio
I only see this process in Glary utilities startup manager and when I click browse it just dumps me into my documents folder. Registery Im not that good with it and its hard for me to filter were the location would be.
Computer Type: PC/Desktop System Manufacturer/Model Number: Bruce ... somewhere in his 40's OS: Windows 7 Ultimate 32bit SP1 CPU: Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz Motherboard: INTEL/D975XBX2 Memory: 4 GB Graphics Card: ATI Radeon HD 2600 Pro Monitor(s) Displays: Samsung SyncMaster 914v Screen Resolution: 1280 x 1024 Keyboard: Standard PS/2 Keyboard Mouse: Microsoft PS/2 Mouse PSU: Rocketfish 700 W Case: G.Skill Gigabyte Chassis Hard Drives: 2/500GB each ... ST3500630AS ATA Device.
One is not connected Internet Speed: DSL Browser: IE 11 Antivirus: Avira Internet Security Other Info: ATI HDMI Audio
Download HijackThis! HijackThis - Trend Micro USA
Right click on it and choose "Run as Administrator". Click 'Do a System Scan and Save logfile'.
The HJT log will open in notepad. Please copy and paste the .txt log in your next reply.
Computer Type: PC/Desktop System Manufacturer/Model Number: Bruce ... somewhere in his 40's OS: Windows 7 Ultimate 32bit SP1 CPU: Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz Motherboard: INTEL/D975XBX2 Memory: 4 GB Graphics Card: ATI Radeon HD 2600 Pro Monitor(s) Displays: Samsung SyncMaster 914v Screen Resolution: 1280 x 1024 Keyboard: Standard PS/2 Keyboard Mouse: Microsoft PS/2 Mouse PSU: Rocketfish 700 W Case: G.Skill Gigabyte Chassis Hard Drives: 2/500GB each ... ST3500630AS ATA Device.
One is not connected Internet Speed: DSL Browser: IE 11 Antivirus: Avira Internet Security Other Info: ATI HDMI Audio
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:46:25 PM, on 12/17/2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Double-click on OTS.exe to start the program. Make sure you close all other programs.
Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
When the scan is complete Notepad will open with the report file loaded in it.
Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and post the information back here as an attachment. I will review it when it comes in. The last line is < End of Report >, so make sure that is the last line in the attached report.
Make sure you attach the report in your reply. If it is too big to upload, then zip the text file and upload it that way.
Computer Type: PC/Desktop System Manufacturer/Model Number: Bruce ... somewhere in his 40's OS: Windows 7 Ultimate 32bit SP1 CPU: Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz Motherboard: INTEL/D975XBX2 Memory: 4 GB Graphics Card: ATI Radeon HD 2600 Pro Monitor(s) Displays: Samsung SyncMaster 914v Screen Resolution: 1280 x 1024 Keyboard: Standard PS/2 Keyboard Mouse: Microsoft PS/2 Mouse PSU: Rocketfish 700 W Case: G.Skill Gigabyte Chassis Hard Drives: 2/500GB each ... ST3500630AS ATA Device.
One is not connected Internet Speed: DSL Browser: IE 11 Antivirus: Avira Internet Security Other Info: ATI HDMI Audio
I see instances of iservices:
iservices.reg -> C:\Users\Snowman\Desktop\iservices.reg
reg found iservices.jpg -> C:\Users\Snowman\Desktop\reg found iservices.jpg
iservices.png -> C:\Users\Snowman\Desktop\iservices.png
Computer Type: PC/Desktop System Manufacturer/Model Number: Bruce ... somewhere in his 40's OS: Windows 7 Ultimate 32bit SP1 CPU: Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz Motherboard: INTEL/D975XBX2 Memory: 4 GB Graphics Card: ATI Radeon HD 2600 Pro Monitor(s) Displays: Samsung SyncMaster 914v Screen Resolution: 1280 x 1024 Keyboard: Standard PS/2 Keyboard Mouse: Microsoft PS/2 Mouse PSU: Rocketfish 700 W Case: G.Skill Gigabyte Chassis Hard Drives: 2/500GB each ... ST3500630AS ATA Device.
One is not connected Internet Speed: DSL Browser: IE 11 Antivirus: Avira Internet Security Other Info: ATI HDMI Audio
It might have been something that was previously installed cause there is no iservices.exe anywhere on my comp. Just that registry location which I found and deleted. So who knows, thanks for your effort and time though. Also those findings you see where a export of the deleted registry entry (backup) and the others where just screenshots of it for the forums.
EDIT: After adding this post I double checked again and see iservices.exe is in front of my firefox. The thing is I dont see this in any other apps but Glary.