Page 1 of 2 12 LastLast
Results 1 to 20 of 28

Thread: Good lord what are these *exe's and programs!

  1. #1
    Second Most EVIL YARDofSTUF's Avatar
    Join Date
    Nov 2000
    Location
    USA
    Posts
    69,983

    Good lord what are these *exe's and programs!

    Under MsConfig:

    DLG.exe - Maybe somethign to do with some Direct line connect program they have?
    ccapp.exe - Norton?
    rcpwt.exe - junk?
    hkcmd.exe - junk?
    nopdb.exe - junk?



    Under Add/Remove Programs:

    AOL Communicator - Related to just aol or AIM too?
    Context Display - ?
    Control Utility - ?
    MyNetProtector - legit?
    Lycos Search - What does lycos need to be installing?
    Broadjump Client Foundation - say what?
    DAO - ?
    Common Name - uh, ya, and?
    Learn2 Player - ?
    Look Smart Search - questioning that!
    MySearchBar - legit?
    RON Display - ?
    Sys AI - ?

  2. #2
    SG Enthusiast The Dude's Avatar
    Join Date
    Jan 2002
    Location
    CYQY
    Posts
    3,125
    MySearchBar is spyware, bloatware that is bundled with something else.
    I don't know the same things you don't know.

  3. #3
    Second Most EVIL YARDofSTUF's Avatar
    Join Date
    Nov 2000
    Location
    USA
    Posts
    69,983
    haha yay, another one.

    just got this pc in and found 725 adware/spyware items and 45 virii, plus all this junk up there.

    checking for invalid registry keys now, thank god this one is a p4 at least!

  4. #4
    Senior Member
    Join Date
    Jun 2001
    Location
    USA
    Posts
    8,585
    Quote Originally Posted by YARDofSTUF
    haha yay, another one.

    just got this pc in and found 725 adware/spyware items and 45 virii, plus all this junk up there.

    checking for invalid registry keys now, thank god this one is a p4 at least!
    Is this a clients machine or one of yours? I get sick just finding 50 or more pieces of SW.. good luck

    ииии



    ииии

  5. #5
    SG Enthusiast The Dude's Avatar
    Join Date
    Jan 2002
    Location
    CYQY
    Posts
    3,125
    DLG.exe description:
    Used to check whether you are connected with digital telephone line. Comes with modem software. Located in "C:\Program Files\Digital Line Detect\".
    I don't know the same things you don't know.

  6. #6
    Second Most EVIL YARDofSTUF's Avatar
    Join Date
    Nov 2000
    Location
    USA
    Posts
    69,983
    Quote Originally Posted by Joe
    Is this a clients machine or one of yours? I get sick just finding 50 or more pieces of SW.. good luck

    a client's, and this is a freebie too! lucky them!

  7. #7
    SG Enthusiast The Dude's Avatar
    Join Date
    Jan 2002
    Location
    CYQY
    Posts
    3,125
    ccapp - ccapp.exe - Process Information
    Process File: ccapp or ccapp.exe
    Process Name: Common Client CC App
    Description: Associated with Norton AntiVirus 2003, which runs auto-protect and email checking facilities. Without this service, both facilities cannot function correctly.
    Company: Symantec Corporation
    System Process: No
    Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No

    I don't know the same things you don't know.

  8. #8
    Dr Tweak mnosteele52's Avatar
    Join Date
    Jul 2001
    Location
    Chesapeake, VA
    Posts
    11,912
    DLG.exe - ok (Dell)
    ccapp.exe - ok (Symantec)
    rcpwt.exe - ?
    hkcmd.exe - ok (Intel)
    nopdb.exe - ok (Symantec)



    Under Add/Remove Programs:

    AOL Communicator - ok (AIM)
    Context Display - ok
    Control Utility - ok
    MyNetProtector - ok (popup blocker)
    Lycos Search - spyware
    Broadjump Client Foundation - ok (usually related to support for a product)
    DAO - ?
    Common Name - spyware
    Learn2 Player - ? (most likely installed by AIM)
    Look Smart Search - spyware
    MySearchBar - spyware
    RON Display - ?
    Sys AI - ?

    Please post a HijackThis log so we can see where some of the ? are loaded from.


  9. #9
    SG Enthusiast The Dude's Avatar
    Join Date
    Jan 2002
    Location
    CYQY
    Posts
    3,125
    hkcmd - hkcmd.exe - Process Information
    Process File: hkcmd or hkcmd.exe
    Process Name: Hkcmd
    Description: Application that implements the Intel Hotkey command.
    Company: Intel Corporation
    System Process: No
    Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No
    I don't know the same things you don't know.

  10. #10
    SG Enthusiast The Dude's Avatar
    Join Date
    Jan 2002
    Location
    CYQY
    Posts
    3,125
    nopdb - nopdb.exe - Process Information
    Process File: nopdb or nopdb.exe
    Process Name: Nopdb
    Description: Application that is associated with Norton Speed Disk. The application is installed only to start the Speed Disk automatically by default on Windows start-up.
    Company: Symantec Corporation
    System Process: No
    Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No
    I don't know the same things you don't know.

  11. #11
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,877
    Quote Originally Posted by mnosteele52
    nopdb.exe - ok (Symantec)
    I've seen that service prevent computers from shutting down, can also keep a copy of regedit.exe open in task manager.

    That computer must have the retail version of Symantec AV.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  12. #12
    Second Most EVIL YARDofSTUF's Avatar
    Join Date
    Nov 2000
    Location
    USA
    Posts
    69,983
    Quote Originally Posted by YeOldeStonecat
    I've seen that service prevent computers from shutting down, can also keep a copy of regedit.exe open in task manager.

    That computer must have the retail version of Symantec AV.


    norton system works, so annoying.


    addds like 8 services to startup, wtf, avast and avg only add 2 or 3 LOL

  13. #13
    Second Most EVIL YARDofSTUF's Avatar
    Join Date
    Nov 2000
    Location
    USA
    Posts
    69,983
    Quote Originally Posted by mnosteele52
    DLG.exe - ok (Dell)

    Please post a HijackThis log so we can see where some of the ? are loaded from.


    Dont rush me

    there all coming from \program files\folder with name of program here

    hijackthis log will be done after i scan with norton.


    Norton is gay, it finds virii and tell me but doesnt allow me to delete it? theres no delete button on the damn window! just an ok or a scan button, ******* greedy ****s lol

  14. #14
    Second Most EVIL YARDofSTUF's Avatar
    Join Date
    Nov 2000
    Location
    USA
    Posts
    69,983
    The Dude, where are u getting this stuff?

  15. #15
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,877
    Quote Originally Posted by YARDofSTUF
    norton system works, so annoying.


    addds like 8 services to startup, wtf, avast and avg only add 2 or 3 LOL
    System Works...blech. I don't like those all in one programs. But naturally yeah it does add more startups to services than a plain AV programs, since it has more stuff in it.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  16. #16
    SG Enthusiast The Dude's Avatar
    Join Date
    Jan 2002
    Location
    CYQY
    Posts
    3,125
    Quote Originally Posted by YARDofSTUF
    The Dude, where are u getting this stuff?
    Found it here!
    I don't know the same things you don't know.

  17. #17
    Second Most EVIL YARDofSTUF's Avatar
    Join Date
    Nov 2000
    Location
    USA
    Posts
    69,983
    Nice, i think i've been there before, handy little link!

  18. #18
    Second Most EVIL YARDofSTUF's Avatar
    Join Date
    Nov 2000
    Location
    USA
    Posts
    69,983
    And heres the hijackthis log:


    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
    C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
    C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Common Files\Dell\EUSW\Support.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Belkin Mouse 1.0\MOUSE32A.EXE
    C:\Program Files\Yahoo!\browser\ybrwicon.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
    C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
    C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
    C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
    C:\PROGRA~1\Yahoo!\browser\ycommon.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\Mark Palmese\Desktop\HijackThis.exe


    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
    Digital Line Detect.lnk = ?


    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    IgfxTray = C:\WINDOWS\System32\igfxtray.exe
    HotKeysCmds = C:\WINDOWS\System32\hkcmd.exe
    diagent = "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
    UpdReg = C:\WINDOWS\UpdReg.EXE
    TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    AdaptecDirectCD = "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"


    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background


    Enumerating Windows NT/2000/XP services

    abp480n5: \SystemRoot\System32\DRIVERS\ABP480N5.SYS (disabled)
    Microsoft ACPI Driver: System32\DRIVERS\ACPI.sys (system)
    adpu160m: \SystemRoot\System32\DRIVERS\adpu160m.sys (disabled)
    Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
    AFD Networking Support Environment: \SystemRoot\System32\drivers\afd.sys (autostart)
    Intel AGP Bus Filter: \SystemRoot\System32\DRIVERS\agp440.sys (disabled)
    Compaq AGP Bus Filter: \SystemRoot\System32\DRIVERS\agpCPQ.sys (disabled)
    Aha154x: \SystemRoot\System32\DRIVERS\aha154x.sys (disabled)
    aic78u2: \SystemRoot\System32\DRIVERS\aic78u2.sys (disabled)
    aic78xx: \SystemRoot\System32\DRIVERS\aic78xx.sys (disabled)
    Alerter: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
    Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start)
    AliIde: \SystemRoot\System32\DRIVERS\aliide.sys (disabled)
    ALI AGP Bus Filter: \SystemRoot\System32\DRIVERS\alim1541.sys (disabled)
    AMD AGP Bus Filter Driver: \SystemRoot\System32\DRIVERS\amdagp.sys (disabled)
    amsint: \SystemRoot\System32\DRIVERS\amsint.sys (disabled)
    AOL Connectivity Service: C:\PROGRA~1\COMMON~1\aol\ACS\acsd.exe (manual start)
    Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    asc: \SystemRoot\System32\DRIVERS\asc.sys (disabled)
    asc3350p: \SystemRoot\System32\DRIVERS\asc3350p.sys (disabled)
    asc3550: \SystemRoot\System32\DRIVERS\asc3550.sys (disabled)
    ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start)
    RAS Asynchronous Media Driver: System32\DRIVERS\asyncmac.sys (manual start)
    Standard IDE/ESDI Hard Disk Controller: System32\DRIVERS\atapi.sys (system)
    ATM ARP Client Protocol: System32\DRIVERS\atmarpc.sys (manual start)
    Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Audio Stub Driver: System32\DRIVERS\audstub.sys (manual start)
    Broadcom 440x 10/100 Integrated Controller XP Driver: System32\DRIVERS\bcm4sbxp.sys (manual start)
    Background Intelligent Transfer Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Computer Browser: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    cbidf: \SystemRoot\System32\DRIVERS\cbidf2k.sys (disabled)
    Symantec Event Manager: "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" (autostart)
    Symantec Password Validation: "C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe" (manual start)
    Symantec Settings Manager: "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" (autostart)
    cd20xrnt: \SystemRoot\System32\DRIVERS\cd20xrnt.sys (disabled)
    CD-ROM Driver: System32\DRIVERS\cdrom.sys (system)
    Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start)
    ClipBook: %SystemRoot%\system32\clipsrv.exe (manual start)
    CmdIde: \SystemRoot\System32\DRIVERS\cmdide.sys (disabled)
    COM+ System Application: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
    Cpqarray: \SystemRoot\System32\DRIVERS\cpqarray.sys (disabled)
    Creative Service for CDROM Access: C:\WINDOWS\System32\CTsvcCDA.exe (autostart)
    Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    dac2w2k: \SystemRoot\System32\DRIVERS\dac2w2k.sys (disabled)
    dac960nt: \SystemRoot\System32\DRIVERS\dac960nt.sys (disabled)
    DHCP Client: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Disk Driver: System32\DRIVERS\disk.sys (system)
    Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
    dmboot: System32\drivers\dmboot.sys (disabled)
    Logical Disk Manager Driver: System32\drivers\dmio.sys (system)
    dmload: System32\drivers\dmload.sys (system)
    Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
    DNS Client: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
    dpti2o: \SystemRoot\System32\DRIVERS\dpti2o.sys (disabled)
    Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
    3Com EtherLink XL 90XB/C Adapter Driver: System32\DRIVERS\el90xbc5.sys (manual start)
    Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Event Log: %SystemRoot%\system32\services.exe (autostart)
    COM+ Event System: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)
    Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Fax: %systemroot%\system32\fxssvc.exe (autostart)
    Floppy Disk Controller Driver: System32\DRIVERS\fdc.sys (manual start)
    Floppy Disk Driver: System32\DRIVERS\flpydisk.sys (manual start)
    Volume Manager Driver: System32\DRIVERS\ftdisk.sys (system)
    Game Port Enumerator: System32\DRIVERS\gameenum.sys (manual start)
    Generic Packet Classifier: System32\DRIVERS\msgpc.sys (manual start)
    Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Human Interface Device Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    Microsoft HID Class Driver: System32\DRIVERS\hidusb.sys (manual start)
    hpn: \SystemRoot\System32\DRIVERS\hpn.sys (disabled)
    HSFHWBS2: System32\DRIVERS\HSFHWBS2.sys (manual start)
    HSF_DP: System32\DRIVERS\HSF_DP.sys (manual start)
    i2omp: \SystemRoot\System32\DRIVERS\i2omp.sys (disabled)
    i8042 Keyboard and PS/2 Mouse Port Driver: System32\DRIVERS\i8042prt.sys (system)
    i81x: System32\DRIVERS\i81xnt5.sys (manual start)
    iAimFP0: System32\DRIVERS\wADV01nt.sys (manual start)
    iAimFP1: System32\DRIVERS\wADV02NT.sys (manual start)
    iAimFP2: System32\DRIVERS\wADV05NT.sys (manual start)
    iAimFP3: System32\DRIVERS\wSiINTxx.sys (manual start)
    iAimFP4: System32\DRIVERS\wVchNTxx.sys (manual start)
    iAimTV0: System32\DRIVERS\wATV01nt.sys (manual start)
    iAimTV1: System32\DRIVERS\wATV02NT.sys (manual start)
    iAimTV2: System32\DRIVERS\wATV03nt.sys (manual start)
    iAimTV3: System32\DRIVERS\wATV04nt.sys (manual start)
    iAimTV4: System32\DRIVERS\wCh7xxNT.sys (manual start)
    ialm: System32\DRIVERS\ialmnt5.sys (manual start)
    CD-Burning Filter Driver: System32\DRIVERS\imapi.sys (system)
    IMAPI CD-Burning COM Service: C:\WINDOWS\System32\imapi.exe (manual start)
    ini910u: \SystemRoot\System32\DRIVERS\ini910u.sys (disabled)
    IntelIde: \SystemRoot\System32\DRIVERS\intelide.sys (disabled)
    IP Traffic Filter Driver: System32\DRIVERS\ipfltdrv.sys (manual start)
    IP in IP Tunnel Driver: System32\DRIVERS\ipinip.sys (manual start)
    IP Network Address Translator: System32\DRIVERS\ipnat.sys (manual start)
    IPSEC driver: System32\DRIVERS\ipsec.sys (system)
    IR Enumerator Service: System32\DRIVERS\irenum.sys (manual start)
    PnP ISA/EISA Bus Driver: System32\DRIVERS\isapnp.sys (system)
    Keyboard Class Driver: System32\DRIVERS\kbdclass.sys (system)
    Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
    Server: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Workstation: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    mdmxsdk: System32\DRIVERS\mdmxsdk.sys (autostart)
    Messenger: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    NetMeeting Remote Desktop Sharing: C:\WINDOWS\System32\mnmsrvc.exe (manual start)
    Mouse Class Driver: System32\DRIVERS\mouclass.sys (system)
    Mouse HID Driver: System32\DRIVERS\mouhid.sys (manual start)
    mraid35x: \SystemRoot\System32\DRIVERS\mraid35x.sys (disabled)
    WebDav Client Redirector: System32\DRIVERS\mrxdav.sys (manual start)
    MRXSMB: System32\DRIVERS\mrxsmb.sys (system)
    Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start)
    Windows Installer: C:\WINDOWS\System32\msiexec.exe /V (manual start)
    Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
    Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
    Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
    Norton AntiVirus Auto Protect Service: "C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe" (autostart)
    NAVENG: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040714.020\NAVENG.Sys (manual start)
    NAVEX15: \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20040714.020\NavEx15.Sys (manual start)
    Remote Access NDIS TAPI Driver: System32\DRIVERS\ndistapi.sys (manual start)
    NDIS Usermode I/O Protocol: System32\DRIVERS\ndisuio.sys (manual start)
    Remote Access NDIS WAN Driver: System32\DRIVERS\ndiswan.sys (manual start)
    NetBIOS Interface: System32\DRIVERS\netbios.sys (system)
    NetBT: System32\DRIVERS\netbt.sys (system)
    Network DDE: %SystemRoot%\system32\netdde.exe (manual start)
    Network DDE DSDM: %SystemRoot%\system32\netdde.exe (manual start)
    Net Logon: %SystemRoot%\System32\lsass.exe (manual start)
    Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Network Location Awareness (NLA): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Norton Unerase Protection Driver: \??\C:\WINDOWS\System32\Drivers\NPDRIVER.SYS (manual start)
    Norton Unerase Protection: C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE (autostart)
    NT LM Security Support Provider: %SystemRoot%\System32\lsass.exe (manual start)
    Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
    nv: System32\DRIVERS\nv4_mini.sys (manual start)
    IPX Traffic Filter Driver: System32\DRIVERS\nwlnkflt.sys (manual start)
    IPX Traffic Forwarder Driver: System32\DRIVERS\nwlnkfwd.sys (manual start)
    OMCI WDM Device Driver: System32\DRIVERS\omci.sys (system)
    Creative SB Live! Series (WDM): system32\drivers\P16X.sys (manual start)
    Intel PentiumIII Processor Driver: System32\DRIVERS\p3.sys (system)
    Parallel port driver: System32\DRIVERS\parport.sys (manual start)
    PCI Bus Driver: System32\DRIVERS\pci.sys (system)
    PCIIde: System32\DRIVERS\pciide.sys (system)
    perc2: \SystemRoot\System32\DRIVERS\perc2.sys (disabled)
    perc2hib: \SystemRoot\System32\DRIVERS\perc2hib.sys (disabled)
    PfModNT: \??\C:\WINDOWS\System32\PfModNT.sys (autostart)
    Plug and Play: %SystemRoot%\system32\services.exe (autostart)
    IPSEC Services: %SystemRoot%\System32\lsass.exe (autostart)
    WAN Miniport (PPTP): System32\DRIVERS\raspptp.sys (manual start)
    Processor Driver: System32\DRIVERS\processr.sys (system)
    Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
    QoS Packet Scheduler: System32\DRIVERS\psched.sys (manual start)
    Direct Parallel Link Driver: System32\DRIVERS\ptilink.sys (manual start)
    ql1080: \SystemRoot\System32\DRIVERS\ql1080.sys (disabled)
    Ql10wnt: \SystemRoot\System32\DRIVERS\ql10wnt.sys (disabled)
    ql12160: \SystemRoot\System32\DRIVERS\ql12160.sys (disabled)
    ql1240: \SystemRoot\System32\DRIVERS\ql1240.sys (disabled)
    ql1280: \SystemRoot\System32\DRIVERS\ql1280.sys (disabled)
    Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (system)
    Remote Access Auto Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    WAN Miniport (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)
    Remote Access Connection Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Remote Access PPPOE Driver: System32\DRIVERS\raspppoe.sys (manual start)
    Direct Parallel: System32\DRIVERS\raspti.sys (manual start)
    Rdbss: System32\DRIVERS\rdbss.sys (system)
    RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
    Terminal Server Device Redirector Driver: System32\DRIVERS\rdpdr.sys (manual start)
    Remote Desktop Help Session Manager: C:\WINDOWS\system32\sessmgr.exe (manual start)
    Digital CD Audio Playback Filter Driver: System32\DRIVERS\redbook.sys (system)
    Routing and Remote Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
    Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
    Remote Procedure Call (RPC) Locator: %SystemRoot%\System32\locator.exe (manual start)
    Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
    QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start)
    Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
    SAVRT: \??\C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVRT.SYS (system)
    SAVRTPEL: \??\C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVRTPEL.SYS (system)
    SAVScan: C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe (autostart)
    ScriptBlocking Service: C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe (autostart)
    Smart Card Helper: %SystemRoot%\System32\SCardSvr.exe (manual start)
    Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)
    Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    SDdriver: \??\C:\WINDOWS\System32\Drivers\sddriver.sys (manual start)
    Secdrv: System32\DRIVERS\secdrv.sys (manual start)
    Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Serenum Filter Driver: System32\DRIVERS\serenum.sys (manual start)
    Serial port driver: System32\DRIVERS\serial.sys (system)
    Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    SIS AGP Bus Filter: \SystemRoot\System32\DRIVERS\sisagp.sys (disabled)
    Sparrow: \SystemRoot\System32\DRIVERS\sparrow.sys (disabled)
    Speed Disk service: C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE (autostart)
    Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
    Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
    System Restore Filter Driver: System32\DRIVERS\sr.sys (system)
    System Restore Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Srv: System32\DRIVERS\srv.sys (manual start)
    SSDP Discovery Service: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
    Windows Image Acquisition (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (manual start)
    Software Bus Driver: System32\DRIVERS\swenum.sys (manual start)
    Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
    MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{261FF5D6-55B3-4D28-8348-7DBC93E219F0} (manual start)
    Symantec Core LC: C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (autostart)
    symc810: \SystemRoot\System32\DRIVERS\symc810.sys (disabled)
    symc8xx: \SystemRoot\System32\DRIVERS\symc8xx.sys (disabled)
    SymEvent: \??\C:\Program Files\Symantec\SYMEVENT.SYS (manual start)
    symlcbrd: \??\C:\WINDOWS\System32\drivers\symlcbrd.sys (autostart)
    SYMREDRV: \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (manual start)
    SYMTDI: \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS (autostart)
    sym_hi: \SystemRoot\System32\DRIVERS\sym_hi.sys (disabled)
    sym_u3: \SystemRoot\System32\DRIVERS\sym_u3.sys (disabled)
    Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
    Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start)
    Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    TCP/IP Protocol Driver: System32\DRIVERS\tcpip.sys (system)
    Terminal Device Driver: System32\DRIVERS\termdd.sys (system)
    Terminal Services: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Telnet: C:\WINDOWS\System32\tlntsvr.exe (disabled)
    TosIde: \SystemRoot\System32\DRIVERS\toside.sys (disabled)
    Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    ultra: \SystemRoot\System32\DRIVERS\ultra.sys (disabled)
    Microcode Update Driver: System32\DRIVERS\update.sys (manual start)
    Upload Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Universal Plug and Play Device Host: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
    Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
    Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: System32\DRIVERS\usbehci.sys (manual start)
    USB2 Enabled Hub: System32\DRIVERS\usbhub.sys (manual start)
    Microsoft USB PRINTER Class: System32\DRIVERS\usbprint.sys (manual start)
    Microsoft USB Universal Host Controller Miniport Driver: System32\DRIVERS\usbuhci.sys (manual start)
    VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
    VIA AGP Bus Filter: \SystemRoot\System32\DRIVERS\viaagp.sys (disabled)
    ViaIde: \SystemRoot\System32\DRIVERS\viaide.sys (disabled)
    Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start)
    Windows Time: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
    Remote Access IP ARP Driver: System32\DRIVERS\wanarp.sys (manual start)
    WAN Miniport (ATW): System32\DRIVERS\wanatw4.sys (manual start)
    Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
    WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
    winachsf: System32\DRIVERS\HSF_CNXT.sys (manual start)
    Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    WMDM PMSP Service: C:\WINDOWS\System32\MsPMSPSv.exe (autostart)
    Portable Media Serial Number: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    Windows Management Instrumentation Driver Extensions: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
    WMI Performance Adapter: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start)
    Windows Socket 2.0 Non-IFS Service Provider Support Environment: \SystemRoot\System32\drivers\ws2ifsl.sys (disabled)
    Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
    Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
    YPCService: C:\WINDOWS\SYSTEM32\YPCSER~1.EXE (manual start)
    Intel(R) Graphics Platform (SoftBIOS) Driver: system32\drivers\ialmsbw.sys (manual start)
    Intel(R) Graphics Chipset (KCH) Driver: system32\drivers\ialmkchw.sys (manual start)

  19. #19
    SG Enthusiast
    Join Date
    Feb 2002
    Posts
    3,846
    Process File: cfd or cfd.exe
    Process Name: Application Client Foundation
    Description: Newer name for BroadJump Foundation Client (BJCFD) from BroadJump.com, now Motive. The software collects information on your Internet activity and sends it to your ISP so that your ISP can serve you advertisements related to the type of sites you visit.
    Company: Motive Communications
    System Process: No
    Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): Yes
    Common Errors: N/A


    That is installed by some ISP's. I think Charter used to do it, may still. I don't believe it's needed for proper operation.

  20. #20
    Second Most EVIL YARDofSTUF's Avatar
    Join Date
    Nov 2000
    Location
    USA
    Posts
    69,983
    nice they have that and motive on there.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •