Index Introduction Database Detailed Entries Updates Concise List HJT Forums Rogues Message Board

Windows startup programs - Browse database

If you're frustrated with the time it takes your Windows 10/8/7/Vista/XP PC to boot and then it seems to be running slowly you may have too many programs running at start-up - and you have come to the right place to identify them. This is the original start-up programs (as opposed to processes/tasks) list - one of the most accurate and comprehensive. Services are not included - see below. For further information on this and how to identify and disable start-up programs please visit the Introduction page.

See here for further information on random entries - which are typically added by viruses and other malware or unwanted programs.

Last database update :- 31st January, 2018
52641 listed

Entries are sorted by the Command/Data field. Alternatively, you can search the full database or use the alphabetical index on that page.

FIRST PREV ( Page 507 of 1053 ) NEXT LAST

You can also manually change the page number in the address bar.

Startup Item or Name Status Command or Data Description Tested
Nvidia (TM) Physics DriversXnvitmruu.exeDetected by McAfee as RDN/Generic.dx!dc3 and by Malwarebytes as Backdoor.Messa.ENo
nvjxueXnvjxue.exeDetected by Sophos as W32/Eyeveg-JNo
nvm-tray.exeXnvm-tray.exeDetected by Dr.Web as Trojan.DownLoader11.22019 and by Malwarebytes as Trojan.Downloader.E. Note - the file is located in %UserStartup% and its presence there ensures it runs when Windows startsNo
NVmaxYNVmax.exeNVmax is a old tweaking utility for NVidia graphics cards. In the startup list if the user chooses to overclock their cardNo
NVMixerTrayNNVMixerTray.exeSystem Tray access to audio controls from NVIDIA's motherboard ForceWare softwareNo
NVMonitorUNVMonitor.exeNVIDIA System Monitor - part of NVIDIA System Tools. Utility for monitoring and logging system statistics (such as temperatures, voltages, clocks and fan speeds) of NVIDIA based motherboards and graphics cardsYes
NVIDIA System MonitorUNVMonitor.exeNVIDIA System Monitor - part of NVIDIA System Tools. Utility for monitoring and logging system statistics (such as temperatures, voltages, clocks and fan speeds) of NVIDIA based motherboards and graphics cardsYes
nvmsgdwnXNVMSGDWN.EXEDetected by Sophos as Troj/Graber-DNo
PCMCIA Resource Monitor?nvp2pmon.exeNVIDIA nForce peer-to-peer (P2P) related. What does it do and is it required?No
NvPvrNetMonUNvPvrNetMon.exeNetwork monitor for the Personal Video Recorder function of the NVIDIA ForceWare Multimedia application - "makes sure you don't miss your favorite show. If you won't be home to watch the show, just use the PVR to set future recordings"No
NVRaidServiceUnvraidservice.exePart of NVIDIA® MediaShield™ Storage - NVIDIA's management utility for creating and monitoring hard disk RAID arrays for the controllers integrated on their motherboards. Includes a Disk Alert System for troubleshooting with notifications via the System Tray. Not required if you don't have a RAID array or if you created the array at the BIOS level. Some users complain that it can report false errorsYes
NVIDIA® NVRAIDUnvraidservice.exePart of NVIDIA® MediaShield™ Storage - NVIDIA's management utility for creating and monitoring hard disk RAID arrays for the controllers integrated on their motherboards. Includes a Disk Alert System for troubleshooting with notifications via the System Tray. Not required if you don't have a RAID array or if you created the array at the BIOS level. Some users complain that it can report false errorsYes
NVRTNnvrt.exeNVRefreshTool is a utility that will automatically detect the maximum refresh rate at each resolution that your monitor supportsNo
NVRTClk?NVRTClk.exeRelated to a Gigabyte video card. What does it do, and is it required?No
win-xpXnvsc32.exeDetected by Symantec as W32.Bropia.NNo
NvCplScanXnvsc32.exeDetected by Symantec as W32.Bropia.NNo
svcshareXnvscv32.exeDetected by Sophos as W32/Fujacks-Z and by Malwarebytes as Worm.PassmaNo
nvscv32Xnvscv32.exeDetected by McAfee as W32/Fujacks.sNo
NVSystem32Xnvscv32.exeDetected by Sophos as W32/Agobot-NONo
32.exeXnvscv32.exeDetected by Sophos as Troj/Agent-LOLNo
Winsock DriverXnvscv32.exeDetected by Sophos as W32/Agobot-FDNo
FireWire ServiceXnvscv32.exeDetected by Trend Micro as WORM_SDBOT.AXTNo
Net Command SenterXnvscvse.exeDetected by McAfee as W32/IRCbot.gen!df6280e5No
nvideaXnvsdx.exeDetected by Dr.Web as Trojan.PWS.Siggen1.15839 and by Malwarebytes as Trojan.Agent.NVNo
nvsmudfmXnvsmudfm.exeDetected by Malwarebytes as Adware.PinSearch. The file is located in %System%No
StereoLinksInstall?nvstlink.exePart of the 3D Vision feature included with NVIDIA Geforce graphics cardsNo
nvsv32.exeXnvsv32.exeDetected by Sophos as W32/Forbot-DINo
ctfmonXnvsv32.exeDetected by McAfee as Generic Dropper!fhr and by Malwarebytes as Trojan.DelfNo
Norton updatedXnvsv32.exeDetected by Trend Micro as WORM_SDBOT.ABHNo
nvsv32.exeXnvsv33.exeDetected by Trend Micro as WORM_WOOTBOT.FPNo
Generic Service ProcessXnvsvc.exeDetected by Trend Micro as WORM_AGOBOT.BY and by Malwarebytes as Backdoor.IRCBot.Gen. Note - this is not the valid "NVIDIA Driver Helper Service" and is located in %System%No
nvsvcXnvsvc.exeDetected by Dr.Web as Trojan.DownLoader5.9626. The file is located in %AppData%No
NVSVCXnvsvc.exeDetected by Trend Micro as WORM_AGOBOT.ALX. Note - this is not the valid "NVIDIA Driver Helper Service" and is located in %System%No
Symantec Security AddonXnvsvc.exeDetected by Sophos as W32/Agobot-EN. Note - do NOT confuse with the legitimate NVIDIA Driver Helper Service file of the same nameNo
Norton protectXnvsvc.exeAdded by a variant of Backdoor:Win32/Rbot. The file is located in %System%No
nvsvc16Unvsvc16.exeMySuperSPy surveillance software. Uninstall this software unless you put it there yourselfNo
Mqtw+Xnvsvc32.exeDetected by Malwarebytes as Trojan.Downloader. The file is located in %Windir%No
NVIDIA driver monitorXnvsvc32.exeDetected by Sophos as Troj~Agent-OZH and by Malwarebytes as Trojan.CryptNo
Windows System ControlerXnvsvc32.exeDetected by Dr.Web as Trojan.StartPage.46998 and by Malwarebytes as Trojan.AgentNo
MKdw+Xnvsvc32.exeDetected by McAfee as W32/Ramnit.a and by Malwarebytes as Trojan.DownloaderNo
nVidia Display DriverXnvsvc64.exeDetected by Sophos as W32/IRCBot-YK. Note - this is not related to any NVIDIA based graphics cardNo
Office MonitorXnvsvc86.exeDetected by Dr.Web as BackDoor.IRC.Sdbot.12461No
Network Security XPXnvsvc86.exeDetected by Sophos as W32/Rbot-GUINo
nvsvca32Xnvsvca32.exeDetected by Total Defense as Win32.Tactslay.E. The file is located in %Windir%No
clfmonXnvsvca32.exeDetected by Total Defense as Win32.Tactslay.E. The file is located in %Windir%No
nVidia System DriversXnvsys32.exeAdded by an unidentified WORM or TROJAN! See hereNo
nVidia Display Drivers (x86)Xnvsys86.exeDetected by McAfee as Generic.dx!elbNo
NVidia System UtilityUNVSystemUtility.exeNVidia System Utility - older version of the NVIDIA nTune utilty for monitoring and modifying the settings (such as temperatures, voltages, clocks and fan speeds) of NVIDIA based motherboards and graphics cards from within Windows. Now part of NVIDIA System ToolsNo
System File DriversXnvsysvc32.exeDetected by Trend Micro as WORM_AGOBOT.WJNo
Nvidia Control Center4XNvTaskbarIne.exeDetected by Trend Micro as TROJ_BREDOLAB.KO and by Malwarebytes as Worm.ProlacoNo

 

FIRST PREV ( Page 507 of 1053 ) NEXT LAST

You can also manually change the page number in the address bar.

Notes & Warnings

If you can help identify new entries and verify/identify those entries with a "?" status (especially hardware specific - such as laptops and motherboards) then please E-mail us (startups_at_pacs-portal_dot_co_dot_uk).

"Status" key:

Variables:

DISCLAIMER: It is assumed that users are familiar with the operating system they are using and comfortable with making the suggested changes. We will not be held responsible if changes you make cause a system failure.

WARNING: This is NOT a list of tasks/processes taken from the Task Manager (CTRL+SHIFT+ESC) "Processes" tab. This displays some startup programs AND other background tasks and "Services". These pages are concerned with startup programs from the common startup locations shown above ONLY. Please do not submit entries collected from this method as they will not be used. For a list of tasks/processes you should try the list at PC Pitstop, the Process Library from Uniblue or one of the many others now available.

Therefore, before ending a task/process via CTRL+SHIFT+ESC just because it has an "X" recommendation, please check whether it's in the registry or common startup locations first. An example would be "svchost.exe" - which doesn't appear in either under normal conditions but does via CTRL+SHIFT+ESC. If in doubt, don't do anything.

To avoid the database becoming too large, all malware entries are only shown using the registry version which is common to all Windows versions. Otherwise there would be multiple entries for popular filenames that viruses often use - such as "svchost.exe" above for example. Multiple malware can also use the same start-up entries, in this case only those with significant differences (such as file location) are repeated in this database.

As more than 25K entries in this database related to malware you should use a quality internet security package. Which ever you choose, keep it updated and get the latest version at least every two years.

There are a number of virus and malware entries listed in this database where specific removal instructions haven't been given. If this is the case then you could try ComboFix, a program written by sUBs that can remove many different types of Trojans and Worms. See here for a tutorial on how to use the program.

NOTE: A number of entries are repeated due to the way that different operating systems display startup items. For example, WinMe lists "POPROXY.EXE" as "Norton eMail Protect" in both MSCONFIG and the registry whereas WinXP lists it as "Poproxy" in MSCONFIG and "Norton eMail Protect" in the registry.

SERVICES: "Services" from the Windows 8/7/Vista/XP/2K/NT operating systems are not included. We fully understand that some programs with these OS's use "Services" as an alternative to load their component parts at startup but these are handled in a different way. We recommend you try BlackViper for information on services for the relevant operating systems.

Copyright

Presentation, format & comments Copyright © 2001 - 2017 Pacman's Portal
Portions Copyright © Peter Forrest, Denny Denham, Sylvain Prevost, Tony Klein, CastleCops & Bleeping Computer
Powered by Malwarebytes
All rights reserved

Valid XHTML 1.0 Transitional

Privacy Policy Site Map Home