Solved

How do I identify if my C:\Windows\system32\wuauclt.exe file is legitimate?

Posted on 2007-11-17
1
2,452 Views
Last Modified: 2013-11-16
I am running XP Pro SP2 and still using Sygate as my firewall. This notified that Windows Update Automatic Updates had changed since the last time I used it and did I want to allow it access to which I answered yes. Sygate nevertheless blocked it and now the wireless icon in the notification area is continually glowing and the status shows it is receiving even though I am not connected. The file path in question is
C:\Windows\system32\wuauclt.exe and I note that *\wuauclt1.exe is also present in the system32 folder.

What should I do?
I have 3 screen shots that will flesh out the issue but cannot paste them here.
0
Comment
Question by:P-4N
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 15

Accepted Solution

by:
davidis99 earned 350 total points
ID: 20322403
Both of those are valid files.  You can verify them by comparing the versions and byte counts against the information in these articles - you'll need to check for the specific versions you have installed against several possible versions.  If your versions and byte counts match, they're legitimate files.
http://www.processlist.com/search?q=wuauclt.exe&x=0&y=0
http://www.processlist.com/search?q=wuauclt1.exe&x=0&y=0
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question