Advertisement
Guest User

U17O0GX4CU47SSZTO

a guest
Sep 20th, 2017
103
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 63.21 KB | None | 0 0
  1.  
  2. Sysinternals Autoruns v13.80 - Autostart program viewer
  3. Copyright (C) 2002-2017 Mark Russinovich
  4. Sysinternals - www.sysinternals.com
  5.  
  6. Time,Entry Location,Entry,Enabled,Category,Profile,Description,Signer,Company,Image Path,Version,Launch String
  7. 9/20/2017 2:04 AM,HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute,,,"Boot Execute",System-wide,,,,,,
  8. 7/10/2015 10:15 AM,"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute","autocheck autochk *",enabled,"Boot Execute",System-wide,"Auto Check Utility","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\autochk.exe",6.3.10240.16384,"autocheck autochk *"
  9. 3/6/2017 2:10 PM,HKLM\Software\Microsoft\Office\Outlook\Addins,,,"Office Addins",System-wide,,,,,,
  10. 12/19/2013 7:41 AM,"HKLM\Software\Microsoft\Office\Outlook\Addins","Groove OutlookProxyAddIn",enabled,"Office Addins",System-wide,"Microsoft SharePoint Workspace Extensions","(Verified) Microsoft Corporation","Microsoft Corporation","c:\program files\microsoft office\office14\grooveex.dll",14.0.7113.5005,"HKCR\CLSID\{E886F1D9-7842-485D-8EDF-9E1C7062A483}"
  11. 12/19/2012 12:54 AM,"HKLM\Software\Microsoft\Office\Outlook\Addins","Acrobat PDFMaker Office COM Addin",enabled,"Office Addins",System-wide,"PDFMOutlook Addin Module","(Verified) Adobe Systems, Incorporated","Adobe Systems Incorporated","c:\program files (x86)\adobe\acrobat 11.0\pdfmaker\mail\outlook\x64\pdfmoutlookaddin.dll",11.0.1.36,"HKCR\CLSID\{9177B23F-7D46-11D6-B816-00C04FC06913}"
  12. 8/3/2016 11:35 AM,"HKLM\Software\Microsoft\Office\Outlook\Addins","Windows_Search_OutlookToolbar",enabled,"Office Addins",System-wide,"Outlook MSSearch Connector","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\mssphtb.dll",7.0.10240.17071,"HKCR\CLSID\{F37AFD4F-E736-4980-8650-A486B1F2DF25}"
  13. 3/6/2017 2:10 PM,HKLM\Software\Wow6432Node\Microsoft\Office\Outlook\Addins,,,"Office Addins",System-wide,,,,,,
  14. 11/5/2012 10:24 PM,"HKLM\Software\Wow6432Node\Microsoft\Office\Outlook\Addins","BCSAddin Connect class",enabled,"Office Addins",System-wide,"Microsoft Office 2010 component","(Verified) Microsoft Corporation","Microsoft Corporation","c:\program files (x86)\microsoft office\office14\addins\bcsaddin.dll",14.0.7005.1000,"HKCR\CLSID\{9F787EA5-5EA9-4288-A7D7-A110E8A57494}"
  15. 12/19/2013 7:37 AM,"HKLM\Software\Wow6432Node\Microsoft\Office\Outlook\Addins","Groove OutlookProxyAddIn",enabled,"Office Addins",System-wide,"Microsoft SharePoint Workspace Extensions","(Verified) Microsoft Corporation","Microsoft Corporation","c:\program files (x86)\microsoft office\office14\grooveex.dll",14.0.7113.5005,"HKCR\CLSID\{E886F1D9-7842-485D-8EDF-9E1C7062A483}"
  16. 2/14/2013 10:43 PM,"HKLM\Software\Wow6432Node\Microsoft\Office\Outlook\Addins","Microsoft VBA for Outlook Addin",enabled,"Office Addins",System-wide,"Outlook VBA Integration Add-In","(Verified) Microsoft Corporation","Microsoft Corporation","c:\program files (x86)\microsoft office\office14\addins\outlvba.dll",14.0.7010.1000,"HKCR\CLSID\{799ED9EA-FB5E-11D1-B7D6-00C04FC2AAE2}"
  17. 10/31/2015 11:23 AM,"HKLM\Software\Wow6432Node\Microsoft\Office\Outlook\Addins","OneNote Notes about Outlook Items",enabled,"Office Addins",System-wide,"Microsoft OneNote Outlook Add-in","(Verified) Microsoft Corporation","Microsoft Corporation","c:\program files (x86)\microsoft office\office14\onbttnol.dll",14.0.7163.5000,"HKCR\CLSID\{B8DD1F2D-BED0-4298-B0D5-9B08F8FAD6CB}"
  18. 5/13/2015 8:21 AM,"HKLM\Software\Wow6432Node\Microsoft\Office\Outlook\Addins","Connect Class",enabled,"Office Addins",System-wide,"Microsoft Outlook Social Connector","(Verified) Microsoft Corporation","Microsoft Corporation","c:\program files (x86)\microsoft office\office14\socialconnector.dll",14.0.7151.5000,"HKCR\CLSID\{2163EB1F-3FD9-4212-A41F-81D1F933597F}"
  19. 12/19/2012 12:53 AM,"HKLM\Software\Wow6432Node\Microsoft\Office\Outlook\Addins","Acrobat PDFMaker Office COM Addin",enabled,"Office Addins",System-wide,"PDFMOutlook Addin Module","(Verified) Adobe Systems, Incorporated","Adobe Systems Incorporated","c:\program files (x86)\adobe\acrobat 11.0\pdfmaker\mail\outlook\pdfmoutlookaddin.dll",11.0.1.36,"HKCR\CLSID\{9177B23F-7D46-11D6-B816-00C04FC06913}"
  20. 8/3/2016 11:25 AM,"HKLM\Software\Wow6432Node\Microsoft\Office\Outlook\Addins","Windows_Search_OutlookToolbar",enabled,"Office Addins",System-wide,"Outlook MSSearch Connector","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\syswow64\mssphtb.dll",7.0.10240.17071,"HKCR\CLSID\{F37AFD4F-E736-4980-8650-A486B1F2DF25}"
  21. 11/11/2015 9:41 AM,"HKLM\Software\Wow6432Node\Microsoft\Office\Outlook\Addins","FormRegionAddin Class",enabled,"Office Addins",System-wide,"","(Verified) Microsoft Corporation","","c:\program files (x86)\microsoft office\office14\addins\umoutlookaddin.dll",14.0.7164.5000,"HKCR\CLSID\{F959DBBB-3867-41F2-8E5F-3B8BEFAA81B3}"
  22. 12/9/2016 2:43 PM,HKLM\Software\Microsoft\Office\Excel\Addins,,,"Office Addins",System-wide,,,,,,
  23. 12/19/2012 12:52 AM,"HKLM\Software\Microsoft\Office\Excel\Addins","Acrobat PDFMaker Office COM Addin",enabled,"Office Addins",System-wide,"PDFMOfficeAddin Module","(Verified) Adobe Systems, Incorporated","Adobe Systems Incorporated","c:\program files (x86)\adobe\acrobat 11.0\pdfmaker\office\x64\pdfmofficeaddin.dll",11.0.1.36,"HKCR\CLSID\{5789D319-A0E6-4788-8120-B0D3D1AB9797}"
  24. 12/9/2016 2:43 PM,HKLM\Software\Wow6432Node\Microsoft\Office\Excel\Addins,,,"Office Addins",System-wide,,,,,,
  25. 12/19/2012 12:52 AM,"HKLM\Software\Wow6432Node\Microsoft\Office\Excel\Addins","Acrobat PDFMaker Office COM Addin",enabled,"Office Addins",System-wide,"PDFMOfficeAddin Module","(Verified) Adobe Systems, Incorporated","Adobe Systems Incorporated","c:\program files (x86)\adobe\acrobat 11.0\pdfmaker\office\pdfmofficeaddin.dll",11.0.1.36,"HKCR\CLSID\{5789D319-A0E6-4788-8120-B0D3D1AB9797}"
  26. 12/9/2016 2:43 PM,HKLM\Software\Microsoft\Office\PowerPoint\Addins,,,"Office Addins",System-wide,,,,,,
  27. 12/19/2012 12:52 AM,"HKLM\Software\Microsoft\Office\PowerPoint\Addins","Acrobat PDFMaker Office COM Addin",enabled,"Office Addins",System-wide,"PDFMOfficeAddin Module","(Verified) Adobe Systems, Incorporated","Adobe Systems Incorporated","c:\program files (x86)\adobe\acrobat 11.0\pdfmaker\office\x64\pdfmofficeaddin.dll",11.0.1.36,"HKCR\CLSID\{5789D319-A0E6-4788-8120-B0D3D1AB9797}"
  28. 12/9/2016 2:43 PM,HKLM\Software\Wow6432Node\Microsoft\Office\PowerPoint\Addins,,,"Office Addins",System-wide,,,,,,
  29. 12/19/2012 12:52 AM,"HKLM\Software\Wow6432Node\Microsoft\Office\PowerPoint\Addins","Acrobat PDFMaker Office COM Addin",enabled,"Office Addins",System-wide,"PDFMOfficeAddin Module","(Verified) Adobe Systems, Incorporated","Adobe Systems Incorporated","c:\program files (x86)\adobe\acrobat 11.0\pdfmaker\office\pdfmofficeaddin.dll",11.0.1.36,"HKCR\CLSID\{5789D319-A0E6-4788-8120-B0D3D1AB9797}"
  30. 12/9/2016 2:43 PM,HKLM\Software\Microsoft\Office\Word\Addins,,,"Office Addins",System-wide,,,,,,
  31. 12/19/2012 12:52 AM,"HKLM\Software\Microsoft\Office\Word\Addins","Acrobat PDFMaker Office COM Addin",enabled,"Office Addins",System-wide,"PDFMOfficeAddin Module","(Verified) Adobe Systems, Incorporated","Adobe Systems Incorporated","c:\program files (x86)\adobe\acrobat 11.0\pdfmaker\office\x64\pdfmofficeaddin.dll",11.0.1.36,"HKCR\CLSID\{5789D319-A0E6-4788-8120-B0D3D1AB9797}"
  32. 12/9/2016 2:43 PM,HKLM\Software\Wow6432Node\Microsoft\Office\Word\Addins,,,"Office Addins",System-wide,,,,,,
  33. 12/19/2012 12:52 AM,"HKLM\Software\Wow6432Node\Microsoft\Office\Word\Addins","Acrobat PDFMaker Office COM Addin",enabled,"Office Addins",System-wide,"PDFMOfficeAddin Module","(Verified) Adobe Systems, Incorporated","Adobe Systems Incorporated","c:\program files (x86)\adobe\acrobat 11.0\pdfmaker\office\pdfmofficeaddin.dll",11.0.1.36,"HKCR\CLSID\{5789D319-A0E6-4788-8120-B0D3D1AB9797}"
  34. 12/9/2016 12:05 PM,HKLM\SOFTWARE\Classes\Htmlfile\Shell\Open\Command\(Default),,,"Hijacks",System-wide,,,,,,
  35. 6/3/2017 5:42 PM,"HKLM\SOFTWARE\Classes\Htmlfile\Shell\Open\Command\(Default)","C:\Program Files\Internet Explorer\iexplore.exe",enabled,"Hijacks",System-wide,"Internet Explorer","(Verified) Microsoft Corporation","Microsoft Corporation","c:\program files\internet explorer\iexplore.exe",11.0.10240.17443,""
  36. 9/20/2017 12:39 PM,HKLM\System\CurrentControlSet\Services,,,"Services",System-wide,,,,,,
  37. 11/21/2013 11:55 PM,"HKLM\System\CurrentControlSet\Services","AdobeARMservice",enabled,"Services",System-wide,"Adobe Acrobat Update Service: Adobe Acrobat Updater keeps your Adobe software up to date.","(Verified) Adobe Systems, Incorporated","Adobe Systems Incorporated","c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe",1.701.3.3014,"""C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"""
  38. 8/21/2015 6:57 AM,"HKLM\System\CurrentControlSet\Services","AGSService",enabled,"Services",System-wide,"Adobe Genuine Software Integrity Service: Adobe Genuine Software Integrity Service","(Verified) Adobe Systems Incorporated","Adobe Systems, Incorporated","c:\program files (x86)\common files\adobe\adobegcclient\agsservice.exe",2.0.0.44,"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
  39. 7/29/2011 4:35 AM,"HKLM\System\CurrentControlSet\Services","AIPS",enabled,"Services",System-wide,"Arp Intelligent Protection Service: Arp Intelligent Protection Service","(Not verified) Arcai.com","Arcai.com","c:\program files (x86)\netcut\services\aips.exe",1.0.0.1,"C:\Program Files (x86)\netcut\services\AIPS.exe"
  40. 7/10/2015 10:18 AM,"HKLM\System\CurrentControlSet\Services","AJRouter",enabled,"Services",System-wide,"AllJoyn Router Service: Routes AllJoyn messages for the local AllJoyn clients. If this service is stopped the AllJoyn clients that do not have their own bundled routers will be unable to run.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\ajrouter.dll",6.3.10240.16384,"%SystemRoot%\System32\AJRouter.dll"
  41. 7/10/2015 10:22 AM,"HKLM\System\CurrentControlSet\Services","ALG",enabled,"Services",System-wide,"Application Layer Gateway Service: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\alg.exe",6.3.10240.16384,"%SystemRoot%\System32\alg.exe"
  42. 11/18/2015 1:58 PM,"HKLM\System\CurrentControlSet\Services","AMD External Events Utility",enabled,"Services",System-wide,"AMD External Events Utility: AMD External Events Service Module","(Verified) Advanced Micro Devices, Inc.","AMD","c:\windows\system32\atiesrxx.exe",6.14.11.1199,"%SystemRoot%\system32\atiesrxx.exe"
  43. 3/4/2017 11:22 AM,"HKLM\System\CurrentControlSet\Services","AppIDSvc",enabled,"Services",System-wide,"Application Identity: Determines and verifies the identity of an application. Disabling this service will prevent AppLocker from being enforced.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\appidsvc.dll",6.3.10240.17319,"%SystemRoot%\System32\appidsvc.dll"
  44. 7/10/2015 10:18 AM,"HKLM\System\CurrentControlSet\Services","Appinfo",enabled,"Services",System-wide,"Application Information: Facilitates the running of interactive applications with additional administrative privileges. If this service is stopped, users will be unable to launch applications with the additional administrative privileges they may require to perform desired user tasks.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\appinfo.dll",6.3.10240.16384,"%SystemRoot%\System32\appinfo.dll"
  45. 7/10/2015 10:18 AM,"HKLM\System\CurrentControlSet\Services","AppMgmt",enabled,"Services",System-wide,"Application Management: Processes installation, removal, and enumeration requests for software deployed through Group Policy. If the service is disabled, users will be unable to install, remove, or enumerate software deployed through Group Policy. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\appmgmts.dll",6.3.10240.16384,"%SystemRoot%\System32\appmgmts.dll"
  46. 11/19/2016 2:12 PM,"HKLM\System\CurrentControlSet\Services","AppReadiness",enabled,"Services",System-wide,"App Readiness: Gets apps ready for use the first time a user signs in to this PC and when adding new apps.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\appreadiness.dll",6.3.10240.17202,"%SystemRoot%\system32\AppReadiness.dll"
  47. 10/25/2016 12:56 PM,"HKLM\System\CurrentControlSet\Services","AppXSvc",enabled,"Services",System-wide,"AppX Deployment Service (AppXSVC): Provides infrastructure support for deploying Store applications. This service is started on demand and if disabled Store applications will not be deployed to the system, and may not function properly.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\appxdeploymentserver.dll",6.3.10240.17184,"%SystemRoot%\system32\appxdeploymentserver.dll"
  48. 8/25/2017 9:40 PM,"HKLM\System\CurrentControlSet\Services","aswbIDSAgent",enabled,"Services",System-wide,"aswbIDSAgent: Provides Identity Protection Against Cyber Crime.","(Verified) AVAST Software s.r.o.","AVAST Software s.r.o.","c:\program files\avast software\avast\x64\aswidsagenta.exe",17.6.3.12852,"""C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"""
  49. 9/7/2016 11:21 AM,"HKLM\System\CurrentControlSet\Services","AudioEndpointBuilder",enabled,"Services",System-wide,"Windows Audio Endpoint Builder: Manages audio devices for the Windows Audio service. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\audioendpointbuilder.dll",6.3.10240.17113,"%SystemRoot%\System32\AudioEndpointBuilder.dll"
  50. 10/25/2016 1:40 PM,"HKLM\System\CurrentControlSet\Services","Audiosrv",enabled,"Services",System-wide,"Windows Audio: Manages audio for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\audiosrv.dll",6.3.10240.17184,"%SystemRoot%\System32\Audiosrv.dll"
  51. 8/29/2017 8:11 PM,"HKLM\System\CurrentControlSet\Services","avast! Antivirus",enabled,"Services",System-wide,"Avast Antivirus: Manages and implements Avast antivirus services for this computer. This includes the real-time shields, the virus chest and the scheduler.","(Verified) AVAST Software s.r.o.","AVAST Software","c:\program files\avast software\avast\avastsvc.exe",17.6.3625.0,"""C:\Program Files\AVAST Software\Avast\AvastSvc.exe"""
  52. 8/29/2017 8:17 PM,"HKLM\System\CurrentControlSet\Services","avast! Firewall",enabled,"Services",System-wide,"Avast Firewall Service: Implements main functionality for avast! Firewall","(Verified) AVAST Software s.r.o.","AVAST Software","c:\program files\avast software\avast\afwserv.exe",17.6.3625.0,"""C:\Program Files\AVAST Software\Avast\afwServ.exe"""
  53. 7/10/2015 10:18 AM,"HKLM\System\CurrentControlSet\Services","AxInstSV",enabled,"Services",System-wide,"ActiveX Installer (AxInstSV): Provides User Account Control validation for the installation of ActiveX controls from the Internet and enables management of ActiveX control installation based on Group Policy settings. This service is started on demand and if disabled the installation of ActiveX controls will behave according to default browser settings.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\axinstsv.dll",6.3.10240.16384,"%SystemRoot%\System32\AxInstSV.dll"
  54. 7/10/2015 10:35 AM,"HKLM\System\CurrentControlSet\Services","BDESVC",enabled,"Services",System-wide,"BitLocker Drive Encryption Service: BDESVC hosts the BitLocker Drive Encryption service. BitLocker Drive Encryption provides secure startup for the operating system, as well as full volume encryption for OS, fixed or removable volumes. This service allows BitLocker to prompt users for various actions related to their volumes when mounted, and unlocks volumes automatically without user interaction. Additionally, it stores recovery information to Active Directory, if available, and, if necessary, ensures the most recent recovery certificates are used. Stopping or disabling the service would prevent users from leveraging this functionality.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\bdesvc.dll",6.3.10240.16384,"%SystemRoot%\System32\bdesvc.dll"
  55. 8/3/2016 11:32 AM,"HKLM\System\CurrentControlSet\Services","BFE",enabled,"Services",System-wide,"Base Filtering Engine: The Base Filtering Engine (BFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or disabling the BFE service will significantly reduce the security of the system. It will also result in unpredictable behavior in IPsec management and firewall applications.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\bfe.dll",6.3.10240.17071,"%SystemRoot%\System32\bfe.dll"
  56. 7/10/2015 10:17 AM,"HKLM\System\CurrentControlSet\Services","BITS",enabled,"Services",System-wide,"Background Intelligent Transfer Service: Transfers files in the background using idle network bandwidth. If the service is disabled, then any applications that depend on BITS, such as Windows Update or MSN Explorer, will be unable to automatically download programs and other information.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\qmgr.dll",7.8.10240.16384,"%SystemRoot%\System32\qmgr.dll"
  57. 1/19/2013 5:09 AM,"HKLM\System\CurrentControlSet\Services","Blackberry Device Manager",enabled,"Services",System-wide,"Blackberry Device Manager: BlackBerry Device Manager","(Not verified) Research In Motion Limited","Research In Motion Limited","c:\program files (x86)\common files\research in motion\usb drivers\bbdevmgr.exe",4.2.0.28,"""C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe"""
  58. 10/25/2016 12:38 PM,"HKLM\System\CurrentControlSet\Services","BrokerInfrastructure",enabled,"Services",System-wide,"Background Tasks Infrastructure Service: Windows infrastructure service that controls which background tasks can run on the system.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\bisrv.dll",6.3.10240.17184,"%SystemRoot%\System32\bisrv.dll"
  59. 2/23/2016 6:17 PM,"HKLM\System\CurrentControlSet\Services","Browser",enabled,"Services",System-wide,"Computer Browser: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\browser.dll",6.3.10240.16724,"%SystemRoot%\System32\browser.dll"
  60. 7/10/2015 10:22 AM,"HKLM\System\CurrentControlSet\Services","BthHFSrv",enabled,"Services",System-wide,"Bluetooth Handsfree Service: Enables wireless Bluetooth headsets to run on this computer. If this service is stopped or disabled, then Bluetooth headsets will not function properly with this machine.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\bthhfsrv.dll",6.3.10240.16384,"%SystemRoot%\System32\BthHFSrv.dll"
  61. 7/10/2015 10:21 AM,"HKLM\System\CurrentControlSet\Services","bthserv",enabled,"Services",System-wide,"Bluetooth Support Service: The Bluetooth service supports discovery and association of remote Bluetooth devices. Stopping or disabling this service may cause already installed Bluetooth devices to fail to operate properly and prevent new devices from being discovered or associated.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\bthserv.dll",6.3.10240.16384,"%SystemRoot%\system32\bthserv.dll"
  62. 7/10/2015 10:30 AM,"HKLM\System\CurrentControlSet\Services","CDPSvc",enabled,"Services",System-wide,"CDPSvc: CDPSvc","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\cdpsvc.dll",6.3.10240.16384,"%SystemRoot%\System32\CDPSvc.dll"
  63. 5/23/2016 10:20 AM,"HKLM\System\CurrentControlSet\Services","CDROM_Eject_Smart_Z907",enabled,"Services",System-wide,"CDROM_Eject_Smart_Z907: ",,"","c:\program files (x86)\andromax m3z\fi_eject.exe",,"C:\Program Files (x86)\Andromax M3Z\FI_Eject.exe"
  64. 3/4/2017 11:21 AM,"HKLM\System\CurrentControlSet\Services","CertPropSvc",enabled,"Services",System-wide,"Certificate Propagation: Copies user certificates and root certificates from smart cards into the current user's certificate store, detects when a smart card is inserted into a smart card reader, and, if needed, installs the smart card Plug and Play minidriver.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\certprop.dll",6.3.10240.17319,"%SystemRoot%\System32\certprop.dll"
  65. 6/29/2016 3:43 PM,"HKLM\System\CurrentControlSet\Services","cFosSpeedS",enabled,"Services",System-wide,"cFosSpeed System Service: Performs latency measurement and privileged operations for cFosSpeed","(Verified) cFos Software GmbH","cFos Software GmbH","c:\program files\cfosspeed\spd.exe",10.14.2274.0,"""C:\Program Files\cFosSpeed\spd.exe"" -service"
  66. 6/3/2017 5:20 PM,"HKLM\System\CurrentControlSet\Services","ClipSVC",enabled,"Services",System-wide,"Client License Service (ClipSVC): Provides infrastructure support for the Microsoft Store. This service is started on demand and if disabled applications bought using Windows Store will not behave correctly.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\clipsvc.dll",6.3.10240.17443,"%SystemRoot%\System32\ClipSVC.dll"
  67. 7/10/2015 10:20 AM,"HKLM\System\CurrentControlSet\Services","COMSysApp",enabled,"Services",System-wide,"COM System Application: Manages the configuration and tracking of Component Object Model (COM) -based components. If the service is stopped, most COM -based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\dllhost.exe",6.3.10240.16384,"%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
  68. 6/3/2017 4:18 PM,"HKLM\System\CurrentControlSet\Services","CoreMessagingRegistrar",enabled,"Services",System-wide,"CoreMessaging: Manages communication between system components.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\coremessaging.dll",6.3.10240.17443,"%SystemRoot%\system32\coremessaging.dll"
  69. 6/14/2013 6:35 AM,"HKLM\System\CurrentControlSet\Services","cphs",enabled,"Services",System-wide,"Intel(R) Content Protection HECI Service: Intel(R) Content Protection HECI Service - enables communication with the Content Protection FW","(Verified) Intel(R) pGFX","Intel Corporation","c:\windows\syswow64\intelcphecisvc.exe",9.0.20.9000,"%SystemRoot%\SysWow64\IntelCpHeciSvc.exe"
  70. 5/28/2016 10:47 AM,"HKLM\System\CurrentControlSet\Services","CryptSvc",enabled,"Services",System-wide,"Cryptographic Services: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Automatic Root Certificate Update Service, which retrieves root certificates from Windows Update and enable scenarios such as SSL. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\cryptsvc.dll",6.3.10240.16942,"%SystemRoot%\system32\cryptsvc.dll"
  71. 7/10/2015 10:16 AM,"HKLM\System\CurrentControlSet\Services","CscService",enabled,"Services",System-wide,"Offline Files: The Offline Files service performs maintenance activities on the Offline Files cache, responds to user logon and logoff events, implements the internals of the public API, and dispatches interesting events to those interested in Offline Files activities and changes in cache state.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\cscsvc.dll",6.3.10240.16384,"%SystemRoot%\System32\cscsvc.dll"
  72. 7/25/2013 1:39 PM,"HKLM\System\CurrentControlSet\Services","CxAudMsg",enabled,"Services",System-wide,"Conexant Audio Message Service: Monitors audio device events and forward them to subscribing application. If this service is stop. the aduio effects will not function properly.","(Verified) Conexant Systems, Inc.","Conexant Systems Inc.","c:\windows\system32\cxaudmsg64.exe",1.12.0.0,"""C:\WINDOWS\system32\CxAudMsg64.exe"""
  73. 4/28/2017 7:57 AM,"HKLM\System\CurrentControlSet\Services","DcomLaunch",enabled,"Services",System-wide,"DCOM Server Process Launcher: The DCOMLAUNCH service launches COM and DCOM servers in response to object activation requests. If this service is stopped or disabled, programs using COM or DCOM will not function properly. It is strongly recommended that you have the DCOMLAUNCH service running.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\rpcss.dll",6.3.10240.17394,"%SystemRoot%\system32\rpcss.dll"
  74. 7/10/2015 10:14 AM,"HKLM\System\CurrentControlSet\Services","DcpSvc",enabled,"Services",System-wide,"DataCollectionPublishingService: The DCP (Data Collection and Publishing) service supports first party apps to upload data to cloud.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\dcpsvc.dll",6.3.10240.16384,"%SystemRoot%\system32\dcpsvc.dll"
  75. 7/10/2015 10:16 AM,"HKLM\System\CurrentControlSet\Services","defragsvc",enabled,"Services",System-wide,"Optimize drives: Helps the computer run more efficiently by optimizing files on storage drives.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\defragsvc.dll",6.3.10240.16384,"%Systemroot%\System32\defragsvc.dll"
  76. 9/30/2016 10:54 AM,"HKLM\System\CurrentControlSet\Services","DeviceAssociationService",enabled,"Services",System-wide,"Device Association Service: Enables pairing between the system and wired or wireless devices.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\das.dll",6.3.10240.17146,"%SystemRoot%\system32\das.dll"
  77. 7/10/2015 10:14 AM,"HKLM\System\CurrentControlSet\Services","DeviceInstall",enabled,"Services",System-wide,"Device Install Service: Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\umpnpmgr.dll",6.3.10240.16384,"%SystemRoot%\system32\umpnpmgr.dll"
  78. 7/10/2015 10:14 AM,"HKLM\System\CurrentControlSet\Services","DevQueryBroker",enabled,"Services",System-wide,"DevQuery Background Discovery Broker: Enables apps to discover devices with a backgroud task","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\devquerybroker.dll",6.3.10240.16384,"%SystemRoot%\system32\DevQueryBroker.dll"
  79. 7/10/2015 10:14 AM,"HKLM\System\CurrentControlSet\Services","Dhcp",enabled,"Services",System-wide,"DHCP Client: Registers and updates IP addresses and DNS records for this computer. If this service is stopped, this computer will not receive dynamic IP addresses and DNS updates. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\dhcpcore.dll",6.3.10240.16384,"%SystemRoot%\system32\dhcpcore.dll"
  80. 7/10/2015 10:36 AM,"HKLM\System\CurrentControlSet\Services","diagnosticshub.standardcollector.service",enabled,"Services",System-wide,"Microsoft (R) Diagnostics Hub Standard Collector Service: Diagnostics Hub Standard Collector Service. When running, this service collects real time ETW events and processes them.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe",11.0.10240.16384,"%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe"
  81. 10/25/2016 12:36 PM,"HKLM\System\CurrentControlSet\Services","DiagTrack",enabled,"Services",System-wide,"Diagnostics Tracking Service: The Diagnostics Tracking Service enables data collection about functional issues in Windows components.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\diagtrack.dll",6.3.10240.17184,"%SystemRoot%\system32\diagtrack.dll"
  82. 9/7/2016 11:34 AM,"HKLM\System\CurrentControlSet\Services","DmEnrollmentSvc",enabled,"Services",System-wide,"Device Management Enrollment Service: Performs Device Enrollment Activities for Device Management","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\windows.internal.management.dll",6.3.10240.17113,"%systemroot%\system32\Windows.Internal.Management.dll"
  83. 7/10/2015 10:17 AM,"HKLM\System\CurrentControlSet\Services","dmwappushservice",enabled,"Services",System-wide,"dmwappushsvc: WAP Push Message Routing Service","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\dmwappushsvc.dll",6.3.10240.16384,"%SystemRoot%\system32\dmwappushsvc.dll"
  84. 3/4/2017 10:50 AM,"HKLM\System\CurrentControlSet\Services","Dnscache",enabled,"Services",System-wide,"DNS Client: The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. If the service is stopped, DNS names will continue to be resolved. However, the results of DNS name queries will not be cached and the computer's name will not be registered. If the service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\dnsrslvr.dll",6.3.10240.17319,"%SystemRoot%\System32\dnsrslvr.dll"
  85. 10/25/2016 2:01 PM,"HKLM\System\CurrentControlSet\Services","DoSvc",enabled,"Services",System-wide,"Delivery Optimization: Performs content delivery optimization tasks","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\dosvc.dll",6.3.10240.17184,"%SystemRoot%\system32\dosvc.dll"
  86. 7/10/2015 10:23 AM,"HKLM\System\CurrentControlSet\Services","dot3svc",enabled,"Services",System-wide,"Wired AutoConfig: The Wired AutoConfig (DOT3SVC) service is responsible for performing IEEE 802.1X authentication on Ethernet interfaces. If your current wired network deployment enforces 802.1X authentication, the DOT3SVC service should be configured to run for establishing Layer 2 connectivity and/or providing access to network resources. Wired networks that do not enforce 802.1X authentication are unaffected by the DOT3SVC service.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\dot3svc.dll",6.3.10240.16384,"%SystemRoot%\System32\dot3svc.dll"
  87. 7/10/2015 10:15 AM,"HKLM\System\CurrentControlSet\Services","DPS",enabled,"Services",System-wide,"Diagnostic Policy Service: The Diagnostic Policy Service enables problem detection, troubleshooting and resolution for Windows components. If this service is stopped, diagnostics will no longer function.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\dps.dll",6.3.10240.16384,"%SystemRoot%\system32\dps.dll"
  88. 7/10/2015 10:15 AM,"HKLM\System\CurrentControlSet\Services","DsmSvc",enabled,"Services",System-wide,"Device Setup Manager: Enables the detection, download and installation of device-related software. If this service is disabled, devices may be configured with outdated software, and may not work correctly.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\devicesetupmanager.dll",6.3.10240.16384,"%SystemRoot%\System32\DeviceSetupManager.dll"
  89. 3/16/2016 10:35 AM,"HKLM\System\CurrentControlSet\Services","DsSvc",enabled,"Services",System-wide,"Data Sharing Service: Provides data brokering between applications.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\dssvc.dll",6.3.10240.16766,"%SystemRoot%\System32\DsSvc.dll"
  90. 9/7/2016 11:22 AM,"HKLM\System\CurrentControlSet\Services","Eaphost",enabled,"Services",System-wide,"Extensible Authentication Protocol: The Extensible Authentication Protocol (EAP) service provides network authentication in such scenarios as 802.1x wired and wireless, VPN, and Network Access Protection (NAP). EAP also provides application programming interfaces (APIs) that are used by network access clients, including wireless and VPN clients, during the authentication process. If you disable this service, this computer is prevented from accessing networks that require EAP authentication.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\eapsvc.dll",6.3.10240.17113,"%SystemRoot%\System32\eapsvc.dll"
  91. 7/10/2015 10:18 AM,"HKLM\System\CurrentControlSet\Services","EFS",enabled,"Services",System-wide,"Encrypting File System (EFS): Provides the core file encryption technology used to store encrypted files on NTFS file system volumes. If this service is stopped or disabled, applications will be unable to access encrypted files.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\efssvc.dll",6.3.10240.16384,"%SystemRoot%\system32\efssvc.dll"
  92. 7/10/2015 10:35 AM,"HKLM\System\CurrentControlSet\Services","embeddedmode",enabled,"Services",System-wide,"embeddedmode: Embedded Mode","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\embeddedmodesvc.dll",6.3.10240.16384,"%SystemRoot%\System32\embeddedmodesvc.dll"
  93. 9/7/2016 11:34 AM,"HKLM\System\CurrentControlSet\Services","EntAppSvc",enabled,"Services",System-wide,"Enterprise App Management Service: Enables enterprise application management.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\enterpriseappmgmtsvc.dll",6.3.10240.17113,"%SystemRoot%\system32\EnterpriseAppMgmtSvc.dll"
  94. 4/8/2015 10:08 AM,"HKLM\System\CurrentControlSet\Services","ETDService",enabled,"Services",System-wide,"Elan Service: Elan Service","(Verified) ELAN Microelectronics Corporation","ELAN Microelectronics Corp.","c:\program files\elantech\etdservice.exe",11.10.15.1,"C:\Program Files\Elantech\ETDService.exe"
  95. 9/30/2016 10:59 AM,"HKLM\System\CurrentControlSet\Services","EventLog",enabled,"Services",System-wide,"Windows Event Log: This service manages events and event logs. It supports logging events, querying events, subscribing to events, archiving event logs, and managing event metadata. It can display events in both XML and plain text format. Stopping this service may compromise security and reliability of the system.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\wevtsvc.dll",6.3.10240.17146,"%SystemRoot%\System32\wevtsvc.dll"
  96. 7/10/2015 10:20 AM,"HKLM\System\CurrentControlSet\Services","EventSystem",enabled,"Services",System-wide,"COM Event System: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\es.dll",2001.12.10941.16384,"%systemroot%\system32\es.dll"
  97. 7/10/2015 10:18 AM,"HKLM\System\CurrentControlSet\Services","Fax",enabled,"Services",System-wide,"Fax: Enables you to send and receive faxes, utilizing fax resources available on this computer or on the network.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\fxssvc.exe",6.3.10240.16384,"%systemroot%\system32\fxssvc.exe"
  98. 7/10/2015 10:14 AM,"HKLM\System\CurrentControlSet\Services","fdPHost",enabled,"Services",System-wide,"Function Discovery Provider Host: The FDPHOST service hosts the Function Discovery (FD) network discovery providers. These FD providers supply network discovery services for the Simple Services Discovery Protocol (SSDP) and Web Services � Discovery (WS-D) protocol. Stopping or disabling the FDPHOST service will disable network discovery for these protocols when using FD. When this service is unavailable, network services using FD and relying on these discovery protocols will be unable to find network devices or resources.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\fdphost.dll",6.3.10240.16384,"%SystemRoot%\system32\fdPHost.dll"
  99. 7/10/2015 10:14 AM,"HKLM\System\CurrentControlSet\Services","FDResPub",enabled,"Services",System-wide,"Function Discovery Resource Publication: Publishes this computer and resources attached to this computer so they can be discovered over the network. If this service is stopped, network resources will no longer be published and they will not be discovered by other computers on the network.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\fdrespub.dll",6.3.10240.16384,"%SystemRoot%\system32\fdrespub.dll"
  100. 7/10/2015 10:15 AM,"HKLM\System\CurrentControlSet\Services","fhsvc",enabled,"Services",System-wide,"File History Service: Protects user files from accidental loss by copying them to a backup location","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\fhsvc.dll",6.3.10240.16384,"%SystemRoot%\system32\fhsvc.dll"
  101. 6/3/2017 5:04 PM,"HKLM\System\CurrentControlSet\Services","FontCache",enabled,"Services",System-wide,"Windows Font Cache Service: Optimizes performance of applications by caching commonly used font data. Applications will start this service if it is not already running. It can be disabled, though doing so will degrade application performance.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\fntcache.dll",6.3.10240.17443,"%SystemRoot%\system32\FntCache.dll"
  102. 5/7/2015 2:17 PM,"HKLM\System\CurrentControlSet\Services","FontCache3.0.0.0",enabled,"Services",System-wide,"Windows Presentation Foundation Font Cache 3.0.0.0: Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications.","(Verified) Microsoft Corporation","Microsoft Corporation","c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe",3.0.6920.8674,"%systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe"
  103. 5/28/2016 11:00 AM,"HKLM\System\CurrentControlSet\Services","gpsvc",enabled,"Services",System-wide,"Group Policy Client: The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. If the service is disabled, the settings will not be applied and applications and components will not be manageable through Group Policy. Any components or applications that depend on the Group Policy component might not be functional if the service is disabled.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\gpsvc.dll",6.3.10240.16942,"%SystemRoot%\System32\gpsvc.dll"
  104. 4/22/2017 8:31 AM,"HKLM\System\CurrentControlSet\Services","gupdate",enabled,"Services",System-wide,"Google Update Service (gupdate): Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.","(Verified) Google Inc","Google Inc.","c:\program files (x86)\google\update\googleupdate.exe",1.3.33.5,"""C:\Program Files (x86)\Google\Update\GoogleUpdate.exe"" /svc"
  105. 4/22/2017 8:31 AM,"HKLM\System\CurrentControlSet\Services","gupdatem",enabled,"Services",System-wide,"Google Update Service (gupdatem): Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.","(Verified) Google Inc","Google Inc.","c:\program files (x86)\google\update\googleupdate.exe",1.3.33.5,"""C:\Program Files (x86)\Google\Update\GoogleUpdate.exe"" /medsvc"
  106. 12/14/2006 12:55 PM,"HKLM\System\CurrentControlSet\Services","gusvc",enabled,"Services",System-wide,"Google Updater Service: gusvc","(Verified) Google Inc","Google","c:\program files (x86)\google\common\google updater\googleupdaterservice.exe",2.0.711.37800,"""C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"""
  107. 7/10/2015 10:21 AM,"HKLM\System\CurrentControlSet\Services","hidserv",enabled,"Services",System-wide,"Human Interface Device Service: Activates and maintains the use of hot buttons on keyboards, remote controls, and other multimedia devices. It is recommended that you keep this service running.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\hidserv.dll",6.3.10240.16384,"%SystemRoot%\system32\hidserv.dll"
  108. 7/10/2015 10:19 AM,"HKLM\System\CurrentControlSet\Services","HomeGroupListener",enabled,"Services",System-wide,"HomeGroup Listener: Makes local computer changes associated with configuration and maintenance of the homegroup-joined computer. If this service is stopped or disabled, your computer will not work properly in a homegroup and your homegroup might not work properly. It is recommended that you keep this service running.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\listsvc.dll",6.3.10240.16384,"%SystemRoot%\system32\ListSvc.dll"
  109. 7/10/2015 10:20 AM,"HKLM\System\CurrentControlSet\Services","HomeGroupProvider",enabled,"Services",System-wide,"HomeGroup Provider: Performs networking tasks associated with configuration and maintenance of homegroups. If this service is stopped or disabled, your computer will be unable to detect other homegroups and your homegroup might not work properly. It is recommended that you keep this service running.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\provsvc.dll",6.3.10240.16384,"%SystemRoot%\system32\provsvc.dll"
  110. 9/17/2015 1:06 PM,"HKLM\System\CurrentControlSet\Services","icssvc",enabled,"Services",System-wide,"Windows Mobile Hotspot Service: Provides the ability to share a cellular data connection with another device.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\tetheringservice.dll",6.3.10240.16515,"%SystemRoot%\System32\tetheringservice.dll"
  111. 4/28/2017 7:53 AM,"HKLM\System\CurrentControlSet\Services","IEEtwCollectorService",enabled,"Services",System-wide,"Internet Explorer ETW Collector Service: ETW Collector Service for Internet Explorer. When running, this service collects real time ETW events and processes them.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\ieetwcollector.exe",11.0.10240.17394,"%SystemRoot%\system32\IEEtwCollector.exe /V"
  112. 12/22/2015 2:43 AM,"HKLM\System\CurrentControlSet\Services","igfxCUIService1.0.0.0",enabled,"Services",System-wide,"Intel(R) HD Graphics Control Panel Service: Service for Intel(R) HD Graphics Control Panel","(Verified) Intel(R) pGFX","Intel Corporation","c:\windows\system32\igfxcuiservice.exe",6.15.10.4358,"%SystemRoot%\system32\igfxCUIService.exe"
  113. 6/3/2017 5:09 PM,"HKLM\System\CurrentControlSet\Services","IKEEXT",enabled,"Services",System-wide,"IKE and AuthIP IPsec Keying Modules: The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec). Stopping or disabling the IKEEXT service will disable IKE and AuthIP key exchange with peer computers. IPsec is typically configured to use IKE or AuthIP; therefore, stopping or disabling the IKEEXT service might result in an IPsec failure and might compromise the security of the system. It is strongly recommended that you have the IKEEXT service running.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\ikeext.dll",6.3.10240.17443,"%SystemRoot%\System32\ikeext.dll"
  114. 4/1/2013 8:00 AM,"HKLM\System\CurrentControlSet\Services","Innosvcd",enabled,"Services",System-wide,"Innosvcd: Innorix File Transfer Service","(Verified) Innorix","INNORIX","c:\windows\syswow64\innosvcd.exe",2.0.0.0,"C:\WINDOWS\SysWOW64\innosvcd.exe"
  115. 9/7/2016 11:22 AM,"HKLM\System\CurrentControlSet\Services","iphlpsvc",enabled,"Services",System-wide,"IP Helper: Provides tunnel connectivity using IPv6 transition technologies (6to4, ISATAP, Port Proxy, and Teredo), and IP-HTTPS. If this service is stopped, the computer will not have the enhanced connectivity benefits that these technologies offer.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\iphlpsvc.dll",6.3.10240.17113,"%SystemRoot%\System32\iphlpsvc.dll"
  116. 7/10/2015 10:18 AM,"HKLM\System\CurrentControlSet\Services","KeyIso",enabled,"Services",System-wide,"CNG Key Isolation: The CNG key isolation service is hosted in the LSA process. The service provides key process isolation to private keys and associated cryptographic operations as required by the Common Criteria. The service stores and uses long-lived keys in a secure process complying with Common Criteria requirements.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\keyiso.dll",6.3.10240.16384,"%SystemRoot%\system32\keyiso.dll"
  117. 9/30/2016 11:03 AM,"HKLM\System\CurrentControlSet\Services","KtmRm",enabled,"Services",System-wide,"KtmRm for Distributed Transaction Coordinator: Coordinates transactions between the Distributed Transaction Coordinator (MSDTC) and the Kernel Transaction Manager (KTM). If it is not needed, it is recommended that this service remain stopped. If it is needed, both MSDTC and KTM will start this service automatically. If this service is disabled, any MSDTC transaction interacting with a Kernel Resource Manager will fail and any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\msdtckrm.dll",2001.12.10941.16506,"%systemroot%\system32\msdtckrm.dll"
  118. 3/4/2017 11:23 AM,"HKLM\System\CurrentControlSet\Services","LanmanServer",enabled,"Services",System-wide,"Server: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\srvsvc.dll",6.3.10240.17319,"%SystemRoot%\system32\srvsvc.dll"
  119. 3/4/2017 11:31 AM,"HKLM\System\CurrentControlSet\Services","LanmanWorkstation",enabled,"Services",System-wide,"Workstation: Creates and maintains client network connections to remote servers using the SMB protocol. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\wkssvc.dll",6.3.10240.17319,"%SystemRoot%\System32\wkssvc.dll"
  120. 7/10/2015 10:21 AM,"HKLM\System\CurrentControlSet\Services","lfsvc",enabled,"Services",System-wide,"Geolocation Service: This service monitors the current location of the system and manages geofences (a geographical location with associated events). If you turn off this service, applications will be unable to use or receive notifications for geolocation or geofences.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\lfsvc.dll",6.3.10240.16384,"%SystemRoot%\System32\lfsvc.dll"
  121. 7/10/2015 10:38 AM,"HKLM\System\CurrentControlSet\Services","LicenseManager",enabled,"Services",System-wide,"Windows License Manager Service: Provides infrastructure support for the Windows Store. This service is started on demand and if disabled then content acquired through the Windows Store will not function properly.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\licensemanagersvc.dll",6.3.10240.16384,"%SystemRoot%\system32\LicenseManagerSvc.dll"
  122. 7/10/2015 10:23 AM,"HKLM\System\CurrentControlSet\Services","lltdsvc",enabled,"Services",System-wide,"Link-Layer Topology Discovery Mapper: Creates a Network Map, consisting of PC and device topology (connectivity) information, and metadata describing each PC and device. If this service is disabled, the Network Map will not function properly.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\lltdsvc.dll",6.3.10240.16384,"%SystemRoot%\System32\lltdsvc.dll"
  123. 7/10/2015 10:22 AM,"HKLM\System\CurrentControlSet\Services","lmhosts",enabled,"Services",System-wide,"TCP/IP NetBIOS Helper: Provides support for the NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution for clients on the network, therefore enabling users to share files, print, and log on to the network. If this service is stopped, these functions might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\lmhsvc.dll",6.3.10240.16384,"%SystemRoot%\System32\lmhsvc.dll"
  124. 11/19/2016 3:23 PM,"HKLM\System\CurrentControlSet\Services","LSM",enabled,"Services",System-wide,"Local Session Manager: Core Windows Service that manages local user sessions. Stopping or disabling this service will result in system instability.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\lsm.dll",6.3.10240.17202,"%SystemRoot%\System32\lsm.dll"
  125. 8/3/2016 11:34 AM,"HKLM\System\CurrentControlSet\Services","MapsBroker",enabled,"Services",System-wide,"Downloaded Maps Manager: Windows service for application access to downloaded maps. This service is started on-demand by application accessing downloaded maps. Disabling this service will prevent apps from accessing maps.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\moshost.dll",6.3.10240.17071,"%SystemRoot%\System32\moshost.dll"
  126. 12/19/2013 7:34 AM,"HKLM\System\CurrentControlSet\Services","Microsoft SharePoint Workspace Audit Service",enabled,"Services",System-wide,"Microsoft SharePoint Workspace Audit Service: Microsoft SharePoint Workspace","(Verified) Microsoft Corporation","Microsoft Corporation","c:\program files (x86)\microsoft office\office14\groove.exe",14.0.7113.5005,"""C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE"" /auditservice"
  127. 8/24/2017 8:40 PM,"HKLM\System\CurrentControlSet\Services","MozillaMaintenance",enabled,"Services",System-wide,"Mozilla Maintenance Service: The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled.","(Verified) Mozilla Corporation","Mozilla Foundation","c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe",55.0.3.6445,"""C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"""
  128. 9/7/2016 11:23 AM,"HKLM\System\CurrentControlSet\Services","MpsSvc",enabled,"Services",System-wide,"Windows Firewall: Windows Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\mpssvc.dll",6.3.10240.17113,"%SystemRoot%\system32\mpssvc.dll"
  129. 9/7/2016 11:19 AM,"HKLM\System\CurrentControlSet\Services","MSDTC",enabled,"Services",System-wide,"Distributed Transaction Coordinator: Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will fail. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\msdtc.exe",2001.12.10941.16485,"%SystemRoot%\System32\msdtc.exe"
  130. 7/10/2015 10:21 AM,"HKLM\System\CurrentControlSet\Services","MSiSCSI",enabled,"Services",System-wide,"Microsoft iSCSI Initiator Service: Manages Internet SCSI (iSCSI) sessions from this computer to remote iSCSI target devices. If this service is stopped, this computer will not be able to login or access iSCSI targets. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\iscsiexe.dll",6.3.10240.16384,"%systemroot%\system32\iscsiexe.dll"
  131. 7/11/2015 8:03 AM,"HKLM\System\CurrentControlSet\Services","msiserver",enabled,"Services",System-wide,"Windows Installer: Adds, modifies, and removes applications provided as a Windows Installer (*.msi, *.msp) package. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\msiexec.exe",5.0.10240.16386,"%systemroot%\system32\msiexec.exe /V"
  132. 7/10/2015 10:22 AM,"HKLM\System\CurrentControlSet\Services","NcaSvc",enabled,"Services",System-wide,"Network Connectivity Assistant: Provides DirectAccess status notification for UI components","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\ncasvc.dll",6.3.10240.16384,"%SystemRoot%\System32\ncasvc.dll"
  133. 7/10/2015 10:22 AM,"HKLM\System\CurrentControlSet\Services","NcbService",enabled,"Services",System-wide,"Network Connection Broker: Brokers connections that allow Windows Store Apps to receive notifications from the internet.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\ncbservice.dll",6.3.10240.16384,"%SystemRoot%\System32\ncbservice.dll"
  134. 3/4/2017 11:36 AM,"HKLM\System\CurrentControlSet\Services","NcdAutoSetup",enabled,"Services",System-wide,"Network Connected Devices Auto-Setup: Network Connected Devices Auto-Setup service monitors and installs qualified devices that connect to a qualified network. Stopping or disabling this service will prevent Windows from discovering and installing qualified network connected devices automatically. Users can still manually add network connected devices to a PC through the user interface.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\ncdautosetup.dll",6.3.10240.17319,"%SystemRoot%\System32\NcdAutoSetup.dll"
  135. 7/10/2015 10:19 AM,"HKLM\System\CurrentControlSet\Services","Netlogon",enabled,"Services",System-wide,"Netlogon: Maintains a secure channel between this computer and the domain controller for authenticating users and services. If this service is stopped, the computer may not authenticate users and services and the domain controller cannot register DNS records. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\netlogon.dll",6.3.10240.16384,"%SystemRoot%\system32\netlogon.dll"
  136. 10/25/2016 1:44 PM,"HKLM\System\CurrentControlSet\Services","Netman",enabled,"Services",System-wide,"Network Connections: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\netman.dll",6.3.10240.17184,"%SystemRoot%\System32\netman.dll"
  137. 7/10/2015 10:23 AM,"HKLM\System\CurrentControlSet\Services","netprofm",enabled,"Services",System-wide,"Network List Service: Identifies the networks to which the computer has connected, collects and stores properties for these networks, and notifies applications when these properties change.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\netprofmsvc.dll",6.3.10240.16384,"%SystemRoot%\System32\netprofmsvc.dll"
  138. 8/3/2016 11:42 AM,"HKLM\System\CurrentControlSet\Services","NetSetupSvc",enabled,"Services",System-wide,"Network Setup Service: The Network Setup Service manages the installation of network drivers and permits the configuration of low-level network settings. If this service is stopped, any driver installations that are in-progress may be cancelled.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\netsetupsvc.dll",6.3.10240.17071,"%SystemRoot%\System32\NetSetupSvc.dll"
  139. 7/10/2015 10:18 AM,"HKLM\System\CurrentControlSet\Services","NgcCtnrSvc",enabled,"Services",System-wide,"Microsoft Passport Container: Manages local user identity keys used to authenticate user to identity providers as well as TPM virtual smart cards. If this service is disabled, local user identity keys and TPM virtual smart cards will not be accessible. It is recommended that you do not reconfigure this service.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\ngcctnrsvc.dll",6.3.10240.16384,"%SystemRoot%\System32\NgcCtnrSvc.dll"
  140. 9/17/2015 12:47 PM,"HKLM\System\CurrentControlSet\Services","NgcSvc",enabled,"Services",System-wide,"Microsoft Passport: Provides process isolation for cryptographic keys used to authenticate to a user�s associated identity providers. If this service is disabled, all uses and management of these keys will not be available, which includes machine logon and single-sign on for apps and websites. This service starts and stops automatically. It is recommended that you do not reconfigure this service.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\ngcsvc.dll",6.3.10240.16515,"%SystemRoot%\system32\ngcsvc.dll"
  141. 9/17/2015 12:52 PM,"HKLM\System\CurrentControlSet\Services","NlaSvc",enabled,"Services",System-wide,"Network Location Awareness: Collects and stores configuration information for the network and notifies programs when this information is modified. If this service is stopped, configuration information might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\nlasvc.dll",6.3.10240.16515,"%SystemRoot%\System32\nlasvc.dll"
  142. 12/26/2016 9:43 AM,"HKLM\System\CurrentControlSet\Services","npggsvc",enabled,"Services",System-wide,"nProtect GameGuard Service: nProtect GameGuard Service","(Verified) INCA Internet Co.,Ltd.","INCA Internet Co., Ltd.","c:\windows\syswow64\gamemon.des",2016.12.26.1,"C:\WINDOWS\system32\GameMon.des -service"
  143. 7/10/2015 10:14 AM,"HKLM\System\CurrentControlSet\Services","nsi",enabled,"Services",System-wide,"Network Store Interface Service: This service delivers network notifications (e.g. interface addition/deleting etc) to user mode clients. Stopping this service will cause loss of network connectivity. If this service is disabled, any other services that explicitly depend on this service will fail to start.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\nsisvc.dll",6.3.10240.16384,"%systemroot%\system32\nsisvc.dll"
  144. 10/25/2016 2:16 PM,"HKLM\System\CurrentControlSet\Services","OneSyncSvc",enabled,"Services",System-wide,"Sync Host: This service synchronizes mail, contacts, calendar and various other user data. Mail and other applications dependent on this functionality will not work properly when this service is not running.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\aphostservice.dll",6.3.10240.17184,"%SystemRoot%\System32\APHostService.dll"
  145. 7/10/2015 10:15 AM,"HKLM\System\CurrentControlSet\Services","OneSyncSvc_Session2",enabled,"Services",System-wide,"Sync Host_Session2: Host Process for Windows Services","(Verified) Microsoft Windows Publisher","Microsoft Corporation","c:\windows\system32\svchost.exe",6.3.10240.16384,"C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup"
  146. 1/10/2010 11:16 AM,"HKLM\System\CurrentControlSet\Services","ose",enabled,"Services",System-wide,"Office Source Engine: Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.","(Verified) Microsoft Corporation","Microsoft Corporation","c:\program files (x86)\common files\microsoft shared\source engine\ose.exe",14.0.4730.1010,"""C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"""
  147. 8/12/2009 9:00 AM,"HKLM\System\CurrentControlSet\Services","osppsvc",enabled,"Services",System-wide,"Office Software Protection Platform: Office Software Protection Platform Service (unlocalized description)","(Verified) Microsoft Corporation","Microsoft Corporation","c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe",14.0.370.400,"""C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"""
  148. 3/4/2017 12:02 PM,"HKLM\System\CurrentControlSet\Services","p2pimsvc",enabled,"Services",System-wide,"Peer Networking Identity Manager: Provides identity services for the Peer Name Resolution Protocol (PNRP) and Peer-to-Peer Grouping services. If disabled, the Peer Name Resolution Protocol (PNRP) and Peer-to-Peer Grouping services may not function, and some applications, such as HomeGroup and Remote Assistance, may not function correctly.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\pnrpsvc.dll",6.3.10240.17319,"%SystemRoot%\system32\pnrpsvc.dll"
  149. 7/10/2015 10:23 AM,"HKLM\System\CurrentControlSet\Services","p2psvc",enabled,"Services",System-wide,"Peer Networking Grouping: Enables multi-party communication using Peer-to-Peer Grouping. If disabled, some applications, such as HomeGroup, may not function.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\p2psvc.dll",6.3.10240.16384,"%SystemRoot%\system32\p2psvc.dll"
  150. 10/25/2016 12:34 PM,"HKLM\System\CurrentControlSet\Services","PcaSvc",enabled,"Services",System-wide,"Program Compatibility Assistant Service: This service provides support for the Program Compatibility Assistant (PCA). PCA monitors programs installed and run by the user and detects known compatibility problems. If this service is stopped, PCA will not function properly.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\pcasvc.dll",6.3.10240.17184,"%SystemRoot%\System32\pcasvc.dll"
  151. 9/7/2016 11:24 AM,"HKLM\System\CurrentControlSet\Services","PeerDistSvc",enabled,"Services",System-wide,"BranchCache: This service caches network content from peers on the local subnet.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\peerdistsvc.dll",6.3.10240.17113,"%SystemRoot%\system32\peerdistsvc.dll"
  152. 7/10/2015 10:22 AM,"HKLM\System\CurrentControlSet\Services","PerfHost",enabled,"Services",System-wide,"Performance Counter DLL Host: Enables remote users and 64-bit processes to query performance counters provided by 32-bit DLLs. If this service is stopped, only local users and 32-bit processes will be able to query performance counters provided by 32-bit DLLs.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\syswow64\perfhost.exe",6.3.10240.16384,"%SystemRoot%\SysWow64\perfhost.exe"
  153. 3/16/2016 10:37 AM,"HKLM\System\CurrentControlSet\Services","PimIndexMaintenanceSvc",enabled,"Services",System-wide,"Contact Data: Indexes contact data for fast contact searching. If you stop or disable this service, contacts might be missing from your search results.","(Verified) Microsoft Windows","Microsoft Corporation","c:\windows\system32\pimindexmaintenance.dll",6.3.10240.16766,"%SystemRoot%\System32\PimIndexMaintenance.dll"
  154. 7/10/2015 10:15 AM,"HKLM\System\CurrentControlSet\Services","PimIndexMaintenanceSvc_Session2",enabled,"Services",System-wide,"Contact Data_Session2: Host Process for Windows Services","(Verified) Microsoft Windows Publisher","Microsoft Corporation","c:\windows\system32\svchost.exe",6.3.10240.16384,"C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup"
  155. 7/10/2015 10:16 AM,"HKLM\System\CurrentControlSet\Services","pla",enabled,"Services",System-wide,"Performance Logs
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement