Windows Defender Warning

happymac.support

Hi,

I am running Win XP Pro SP2. In the Event Viewer, in the System log, I
realized that I get 2 warnings every time the computer is started.
Here are the logs:

--------------------------------------------------------------------------------------------------------

1) Type: Warning
Source: WinDefend
Category: None
Event: 3004
Description:
Windows Defender Real-Time Protection agent has detected changes.
Microsoft recommends you analyze the software that made these changes
for potential risks. You can use information about how these programs
operate to choose whether to allow them to run or remove them from
your computer. Allow changes only if you trust the program or the
software publisher. Windows Defender can't undo changes that you
allow.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=74409
Scan ID: {3A1A5AD3-EB3A-4A89-8F2A-B6DBC46EC7A4}
User: Computer\User
Name: Unknown
ID:
Severity: Not Yet Classified
Category: Not Yet Classified
Path Found: driver:FLASHSYS
Alert Type: Unclassified software
Detection Type:

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

2) Type: Warning
Source: WinDefend
Category: None
Event: 3004
Description:
Windows Defender Real-Time Protection agent has detected changes.
Microsoft recommends you analyze the software that made these changes
for potential risks. You can use information about how these programs
operate to choose whether to allow them to run or remove them from
your computer. Allow changes only if you trust the program or the
software publisher. Windows Defender can't undo changes that you
allow.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=74409
Scan ID: {3A1A5AD3-EB3A-4A89-8F2A-B6DBC46EC7A4}
User: Computer\User
Name: Unknown
ID:
Severity: Not Yet Classified
Category: Not Yet Classified
Path Found: service:FLASHSYS
Alert Type: Unclassified software
Detection Type:

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.

------------------------------------------------------------------------------

I did a quick search for the file Flashsys.sys and found it under
C:\WINDOWS\system32\drivers\. To be safe, I did a custom scan of the
drivers folder with Windows Defender. It didn't come up with anything.
My system is running fine and smooth, I'm not worrying too much
about this, but why do those 2 warnings appear every time I start the
computer?

Thanks in advance
 
happymac.support

Check the file properties in order to find out the associated software
and its origin.

It just says it's a "system file" with unknown association.
 
happymac.support

Check the file properties in order to find out the associated software
and its origin.

The file in the drivers folder has unknown associations and is a
"system file"; however, using Google I searched for the file and came
up with two results. This was posted by an expert at a forum:

"FLASHSYS.sys used by dvd roms and cd roms"

Another posting on a Chinese page that I translated using Google
Translate says:

"FlashSys.sys on paper have been identified :
FlashSys.sys MSI Live Update FlashSys.sys is MSI Live Update
process-driven document."

I have MSI Live Update on My Computer. The Date of Creation on
Flashsys.sys says September 17, 2006, and I'm almost 100% sure that
was the date I installed MSI Live Update.
 
Detlev Dreyer

The file in the drivers folder has unknown associations and is a
"system file"; however, using Google I searched for the file and came
up with two results.

Nope. Why don't you right click that file > Properties > Version.
 
happymac.support

Nope. Why don't you right click that file > Properties > Version.

There is no file version listed for it. The only info given is:

- Type of file: System file
- Opens with: Unknown Application
- Location: C:\WINDOWS\system32\drivers\
- Size: 6.54KB
- Size on Disk: 8.00KB
- Created: Sunday, September 17, 2006, 12:16:50 PM
- Modified: Monday, May 02, 2005, 2:30:48 PM
- Accessed: Today, July 16, 2007, 12:26:31 PM

I'm pretty sure it's from MSI Live Update, like it said on that site I
found. The reason that the file says that it's being accessed every day
is because MSI Live Update is one of my startup programs. MSI Live
Update is a program that came with my video card that updates the VGA
BIOS, Drivers, etc.

-
 
happymac.support

Also, here is more info to prove the "MSI Live Update" theory:

Go to this site: http://www.siteadvisor.com/sites/msi-computer.nl/downloads/3798488/
It's a McAfee SiteAdvisor report.

Scroll down and you'll see this:

MSI Live Update 3 (liveupdate.exe) made the following
modifications to the hard drive:

ADD c:\WINDOWS\system32\drivers\FlashSys.sys
<-----------------------------------------
[unquote]

Notice the c:\WINDOWS\system32\drivers\FlashSys.sys?
 
Detlev Dreyer

There is no file version listed for it.

That's rather unusual. If there is no Version tab, that file is not a
(binary) driver. Try to open with the Editor (Notepad) since this might
be a plain text file. If this applies, check its content.

I'm pretty sure it's from MSI Live Update, like it said on that site I
found. The reason that the file says that it's being accessed every day
is because MSI Live Update is one of my startup programs. MSI Live
Update is a program that came with my video card that updates the VGA
BIOS, Drivers, etc.

Watch that file if there are changes in size and/or date. Since there
are changes on every reboot according to the Windows Defender, you
should see these changes as well.
 
happymac.support

That's rather unusual. If there is no Version tab, that file is not a
(binary) driver. Try to open with the Editor (Notepad) since this might
be a plain text file. If this applies, check its content.


Watch that file if there are changes in size and/or date. Since there
are changes on every reboot according to the Windows Defender, you
should see these changes as well.

OK, I opened the file using Notepad. Most of it was binary junk but I
picked out a few things that may be of use (these are copied right
from the file btw):

-------------------------------------------------------------------------------

- This program cannot be run in DOS mode.

- ÃÌMSI ATI Technologies 113-MS VER 2.05. 2.11. 2.15.
3.05. 3.11. 3.15. 3.20. 3.17. 3.25. 4.17. 4.25.
4.18. 4.28. 4.30. 4.31. 4.34. 4.35. 4.36. 4.37.
4.38. 5.40. 5.43. 5.44

- !IoCreateSymbolicLink IoCreateDevice dRtlInitUnicodeString
·IofCompleteRequest %IoDeleteDevice 'IoDeleteSymbolicLink
ZwClose 4ZwMapViewOfSection µObReferenceObjectByHandle
<ZwOpenSection MMmMapIoSpace ntoskrnl.exe W READ_PORT_ULONG ]
WRITE_PORT_ULONG \ WRITE_PORT_UCHAR V READ_PORT_UCHAR ^
WRITE_PORT_USHORT / HalTranslateBusAddress HAL.dll

- D:\Task\LIVEUP~1\sys\objfre\i386\FlashSys.pdb

-------------------------------------------------------------------------------

I understand the ATI Technologies thing because my graphics chipset is
an ATI Radeon X1300 PRO. I think then it lists all the versions of MSI
Live Update it works with. I don't understand the Io gibberish but the
next thing (the filepath) "D:\Task\LIVEUP~1\sys\objfre\i386\FlashSys.pdb"
I think I understand. I think it is showing the
path where it was copied from, in this case the MSI Utilities CD (My
DVD-RW drive's letter is D). I know it came from MSI Live Update now
because in the filepath, there is a subfolder called "LIVEUP~1" which
I'm pretty sure stands for MSI Live Update.

If you want to see the full text contents of the file, go to this page
(I uploaded it): http://pcwiz.50webs.com/FlashSysContents.txt

If you want a copy of the FlashSys.sys file, download it from here (I
uploaded it): http://pcwiz.50webs.com/FlashSys.sys


Hope this helps

Thanks for the help
 
Detlev Dreyer

If you want a copy of the FlashSys.sys file, download it from here (I
uploaded it): http://pcwiz.50webs.com/FlashSys.sys

Yep, that is a 32-bit binary file, however, w/o any version information.
It doesn't seem to be virulent according to a thorough scan and can be
opened with a Hex Editor. It contains a list of "MSI ATI Technologies"
VER (versions) from 2.05 to 5.44 and that may or may not be the reason
why this file is subject to frequent updates, apparently. The embedded
path "D:\Task\LIVEUP~1\sys\objfre\i386\FlashSys.pdb" should be a static
leftover (debug information file) and confirms more or less that this
particular file belongs to your "MSI Live Update" software. Under the
bottom line, there is nothing to worry about - estimated from afar.

Thanks for the help

You're certainly welcome.
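
Added example, not part of the original thread: a strings-based triage pass in Python that checks the same things discussed above (PE header and machine type, presence of a version resource, the embedded .pdb path, and imported routines that grant hardware access). The sample bytes are constructed from the strings quoted in the thread and are not the real FlashSys.sys; the function names, `THREAD_IMPORTS` and the `HARDWARE_ACCESS` selection are assumptions made for this example.

```python
import re
import struct

# Kernel/HAL exports that give a driver raw access to physical memory or I/O
# ports. A firmware-flashing driver needs them, which is why its publisher
# should be confirmed before allow-listing. (Selection made for this example.)
HARDWARE_ACCESS = {
    "MmMapIoSpace", "ZwMapViewOfSection", "ZwOpenSection",
    "HalTranslateBusAddress",
    "READ_PORT_UCHAR", "READ_PORT_USHORT", "READ_PORT_ULONG",
    "WRITE_PORT_UCHAR", "WRITE_PORT_USHORT", "WRITE_PORT_ULONG",
}
MACHINES = {0x014C: "i386", 0x8664: "x64"}
# A version resource stores its key as a UTF-16LE string (heuristic check).
VERSION_MARKER = "VS_VERSION_INFO".encode("utf-16-le")
ASCII_RUN = re.compile(rb"[\x20-\x7e]{4,}")
PDB_PATH = re.compile(r'[A-Za-z]:\\[^:*?"<>|]*\.pdb', re.IGNORECASE)

# Import names quoted in the thread, used only to build the constructed sample.
THREAD_IMPORTS = [
    "IoCreateSymbolicLink", "IoCreateDevice", "RtlInitUnicodeString",
    "IofCompleteRequest", "IoDeleteDevice", "IoDeleteSymbolicLink", "ZwClose",
    "ZwMapViewOfSection", "ObReferenceObjectByHandle", "ZwOpenSection",
    "MmMapIoSpace", "READ_PORT_ULONG", "WRITE_PORT_ULONG", "WRITE_PORT_UCHAR",
    "READ_PORT_UCHAR", "WRITE_PORT_USHORT", "HalTranslateBusAddress",
]


def build_sample() -> bytes:
    """Constructed stand-in: minimal MZ/PE header plus the thread's strings."""
    dos = bytearray(0x80)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)            # e_lfanew -> PE header
    msg = b"This program cannot be run in DOS mode."
    dos[0x4E:0x4E + len(msg)] = msg
    pe = b"PE\0\0" + struct.pack("<H", 0x014C) + bytes(18)
    # Import-by-name entries: 2-byte hint, then the NUL-terminated name.
    imports = b"".join(struct.pack("<H", hint) + name.encode() + b"\0"
                       for hint, name in enumerate(THREAD_IMPORTS, 0x121))
    # CodeView record: signature, GUID + age (zeroed here), then the path.
    pdb = (b"RSDS" + bytes(20)
           + rb"D:\Task\LIVEUP~1\sys\objfre\i386\FlashSys.pdb" + b"\0")
    return bytes(dos) + pe + imports + pdb


def ascii_strings(data: bytes) -> list[str]:
    """Printable ASCII runs of four or more bytes, like a strings tool."""
    return [m.group().decode("ascii") for m in ASCII_RUN.finditer(data)]


def triage(data: bytes) -> dict:
    is_pe, machine = False, None
    if len(data) >= 0x40 and data[:2] == b"MZ":
        (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
        if data[e_lfanew:e_lfanew + 4] == b"PE\0\0" and len(data) >= e_lfanew + 6:
            is_pe = True
            (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    strings = ascii_strings(data)
    pdb = next((m.group() for s in strings if (m := PDB_PATH.search(s))), None)
    # endswith() tolerates a printable hint byte glued to the front of a name.
    hw = sorted({n for s in strings for n in HARDWARE_ACCESS if s.endswith(n)})
    return {
        "is_pe": is_pe,
        "machine": MACHINES.get(machine, "unknown") if is_pe else None,
        "has_version_resource": VERSION_MARKER in data,
        "pdb_path": pdb,
        "hardware_access_imports": hw,
    }


if __name__ == "__main__":
    for key, value in triage(build_sample()).items():
        print(f"{key}: {value}")
```

A valid PE header with no version resource explains a missing Version tab on a file that is still a binary driver, and the port and physical-memory imports fit a flashing utility.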
 
happymac.support

Yep, that is a 32-bit binary file, however, w/o any version information.
It doesn't seem to be virulent according to a thorough scan and can be
opened with a Hex Editor. It contains a list of "MSI ATI Technologies"
VER (versions) from 2.05 to 5.44 and that may or may not be the reason
why this file is subject to frequent updates, apparently. The embedded
path "D:\Task\LIVEUP~1\sys\objfre\i386\FlashSys.pdb" should be a static
leftover (debug information file) and confirms more or less that this
particular file belongs to your "MSI Live Update" software. Under the
bottom line, there is nothing to worry about - estimated from afar.


You're certainly welcome.

When MSI Live Update starts up, it asks me sometimes to update to a
newer version of MSI Live Update (4.08 I think). That might be why it's
accessed every day. Just thought that you might like to know. Anyway, I
think to stop the warning that comes up in Event Viewer, I'll add
FlashSys.sys to Windows Defender's allowed list.

Thanks again
 
Detlev Dreyer

When MSI Live Update starts up, it asks me sometimes to update to a
newer version of MSI Live Update (4.08 I think). That might be why it's
accessed every day. Just thought that you might like to know. Anyway, I
think to stop the warning that comes up in Event Viewer, I'll add
FlashSys.sys to Windows Defender's allowed list.

Thanks for this update.
 
happymac.support

I think I am 100% sure now that it is Live Update, because I updated
to a new version of the software and a new FlashSys file was created.

Thanks again
 
happymac.support

I confirmed the Live Update theory because today, I updated Live
Update to a newer version and guess what? A new flashsys.sys file was
created.

Thanks again
 
happymac.support

Is there something wrong with Google Groups? Nothing I post as of
today is getting on to the discussion! :-/
 
