Google Answers Logo
View Question
Q: virii, trojan horses, keyloggers, security breaches ( Answered,   0 Comments )
Subject: virii, trojan horses, keyloggers, security breaches
Category: Computers > Security
Asked by: yvette176-ga
List Price: $20.00
Posted: 27 May 2004 10:08 PDT
Expires: 26 Jun 2004 10:08 PDT
Question ID: 352736
what does module hwkapd.exe do and why is it loaded in my system?

Request for Question Clarification by aceresearcher-ga on 27 May 2004 11:16 PDT
Greetings, yvette!

Can you verify that the correct spelling is "hwkapd.exe" ?



Clarification of Question by yvette176-ga on 27 May 2004 14:12 PDT
yes, the exact spelling of the load module name is hwkapd.exe.  it
resided in c:\winnt\system32\.  the system is w2k pro sp4.

if you would like, i will send it to you as a .zip file, or i can ftp
it to anywhere you designate.

please advise.


Request for Question Clarification by hummer-ga on 27 May 2004 17:20 PDT
Hi yvette176,

A good place to start is to scan your computer with these programs:

HouseCall (very thorough online virus scan):

Adaware (Search for Updates before running):


Clarification of Question by yvette176-ga on 27 May 2004 18:41 PDT

thanks for the ideas.

i renamed the offending module above back to it's original name (in
case housecall would look at file names).  i then ran the trend micro
housecall thing, and found an uninstalled christine aguillera
screensave (!), which i promptly wiped with pgp.  however, the
offending module above (which is the subject of this query) was not
identified.  and why our licensed sohpos anti-vi didn't find the
screensaver is something i now have to take up with them.

afa ad-aware goes, i have installed spybot S&D and hijackthis!, and
neither of them paid any attention to this module.  i have
consistently found spybot S&D to be more efficient and thoro than
ad-aware, so i'll pass on the ad-aware (for now).

thus, my question remains unanswered.  thanks for the housecall idea,
tho!  how that screensaver got downloaded remains a mystery (as does
how VX2 got installed even tho i have active-x blocking!)

if anyone has any other ideas, as Ross once said, "i'm all ears".

Clarification of Question by yvette176-ga on 27 May 2004 18:44 PDT
note everybody that i have now upped the ante on the question.

stump the stars!  <g>

Request for Question Clarification by aceresearcher-ga on 27 May 2004 18:50 PDT

I *do* recommend that you install and run AdAware as well (be sure to
click "Search for Updates" in both AdAware and Spybot before each time
that you run them). I (and numerous people I know) run both of them. I
have found them to be complementary -- what one does not catch,
sometimes the other does.

As far as the hwkapd.exe module, am I correct in understanding that
you actually found this executing on your system?

Can you execute HijackThis, and post a copy of your log?



Clarification of Question by yvette176-ga on 27 May 2004 22:38 PDT
aceresearcher-ga, you win.

i installed ad-aware and it found the program (as well as 71 other
things that hijackthis! and spybot S&D didn't find!  who knew?):

Data Miner c:\winnt\system32\ysh_renamed_hwkapd.exe 

it's part of the VX2 thing that some @#$! sent me without my knowledge
or approval.  it's now gone.

so since this is my first google question, how do you get paid?  please advise.

thanks for the help to everyone!

Subject: Re: virii, trojan horses, keyloggers, security breaches
Answered By: aceresearcher-ga on 27 May 2004 23:53 PDT

I am **so** pleased that I was able to help you resolve your nasty little bug.

One of the things that I really *despise* is scumware and the
bottom-feeding scum that create them.

(Okay, so I'm a little passionate about this.)

By my posting an Answer here, Google Answers will pay me the fee for your Question.

In addition to recommending 

Spybot Search & Destroy


If you already have Spybot and/or AdAware installed on your PC, be
sure to download the latest updates first **each time you run them**.



I also recommend these other helpful free anti-scumware diagnostic and
removal utilities:


Online Housecall


Something to keep in mind is that even if these programs give your
system a "clean bill of health", it does *not* mean that you can be
absolutely sure that your system is clean. It is only a *reasonable
assurance* that it is clean.

Some great sites for information about viruses, worms, Trojans, and parasites are:


Tom Coyote

If you are not already running a firewall on your computer, it is
really *critical* that you do so.

If you aren't, I definitely recommend that you install Zone Alarm or
Zone Alarm Pro. I (and many people I know) use the Pro (paid) version,
which provides more extensive protection and customization. You can
download them here:

It's also VERY important to continue to check with Microsoft
periodically and make sure that you have installed any new
security-related patches that have been released. You can find out if
there are any available by going here:

I hope that this information has provided you with exactly the
information you need to keep your computer healthy and your surfing
experience a smooth one!

Best Wishes,

There are no comments at this time.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  

Google Home - Answers FAQ - Terms of Service - Privacy Policy