Solved

How do I identify if my C:\Windows\system32\wuauclt.exe file is legitimate?

Posted on 2007-11-17
1
2,449 Views
Last Modified: 2013-11-16
I am running XP Pro SP2 and still using Sygate as my firewall. This notified that Windows Update Automatic Updates had changed since the last time I used it and did I want to allow it access to which I answered yes. Sygate nevertheless blocked it and now the wireless icon in the notification area is continually glowing and the status shows it is receiving even though I am not connected. The file path in question is
C:\Windows\system32\wuauclt.exe and I note that *\wuauclt1.exe is also present in the system32 folder.

What should I do?
I have 3 screen shots that will flesh out the issue but cannot paste them here.
0
Comment
Question by:P-4N
1 Comment
 
LVL 15

Accepted Solution

by:
davidis99 earned 350 total points
ID: 20322403
Both of those are valid files.  You can verify them by comparing the versions and byte counts against the information in these articles - you'll need to check for the specific versions you have installed against several possible versions.  If your versions and byte counts match, they're legitimate files.
http://www.processlist.com/search?q=wuauclt.exe&x=0&y=0
http://www.processlist.com/search?q=wuauclt1.exe&x=0&y=0
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA 5505 NAT question 8 124
Land attack dropped sonicwall 4 940
Single domain/site being blocked.... but why and where? 10 78
Need assistance with Windows Firewall rules 6 83
Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question