As I am the developer who initially wrote NeroCheck.exe, I can confirm that it is no kind of spyware, that it does not open any connection anywhere. Yes, it is automatically executed at start up time through registration ( key HKLM\Software\Microsoft\Windows\CurrentVersion\Run value "NeroFilterCheck" which is a string assigned to "C:\WINDOWS\system32\NeroCheck.exe"). What does NeroCheck.exe do then? As "NeroFilterCheck" suggests, it is checking the filter drivers registry values for the CD/DVD-ROM driver class ( LowFilter and UpperFilter values ). It ensures that the values are well a multi-strings (some buggy installers (over)write them with a string value). If NeroCd2k.sys is present on the system, it ensures it is correctly registered. If NeroCD2k.sys is not present on the system, it ensures it is not registered. It checks for valid ending of the multistring (double-zero). Etc. Finally it does register through Windows event log any correction it might do to the registry.
The reason to do these checks is that the cd/dvd-rom driver class wouldn't load if these filter values are corrupted. To the end-user, it will look like their device is no more found by Windows (it does not appear anymore in 'My Computer'). The reason to leave NeroCheck.exe after de-installation is to protect against Ahead de-installer possible bug corrupting the filter driver values (that is if our de-installer does a mistake, NeroCheck.exe is here to correct the mistake).
Indeed it is safe to remove NeroCheck.exe if you have removed Nero from your system, and if after rebooting you have no problem with your cd/dvd-rom devices.
About the black-listing of serial numbers, there is no spyware software to send to Ahead the serial number on your system. However, from time to time we do check your serial numbers when you use our free techsupport e-mail service (the serial number is integrated in infotool.txt generated by Nero InfoTool). No, we cannot afford to offer techsupport and free updates to people who own an illegal copy of our software. We also check from time to time the serial numbers people publish on the web, or malicious key generators, and block them.
< Message edited by dburg -- 8/29/2004 4:48:36 PM >
InCD Project Leader
Im Stoeckmaedle 18
fax: +49 (0)7248 928 299