| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 53201 | 2005-01-10 08:11:00 | EXE's in System32 | Agent_24 (57) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 312731 | 2005-01-10 08:11:00 | Just noticed these three programs: wuauclt1.exe wuauclt.exe wupdmgr.exe Know this is probably a stupid-ass question, but are any of these evil, and why does on have a 1, and a different size? Both have windows XP digital signatures, etc? |
Agent_24 (57) | ||
| 312732 | 2005-01-10 08:20:00 | All 3 are to do with Windowsupdate . They're windowsupdate files . The file with the 1 may have been overwritten by the wuauclt . exe file . And the system just renamed it with a 1 in it . And no theyre not evil . Theyre part of XP for Windowsupdate . |
Speedy Gonzales (78) | ||
| 312733 | 2005-01-10 10:32:00 | I was just checking cos I had some trouble with a virus that copies itself to system32 as svcnet.exe (stupid norton didn't pick it up), and since I recall only having wuauclt.exe last time I checked, I thought perhaps something else may have slipped in. which brings me around to another question? why is norton doing that? It detects some viruses and not others - it has been fully updated and has latest virus defs. (even so, the svcnet.exe virus, or "W32.Tibick" as symantec's site tells me; was discovered July 2004, so I don't see why it isn't detected) |
Agent_24 (57) | ||
| 312734 | 2005-01-10 10:46:00 | No virus checker is perfect, Ive had some slip past my virus checker at work the only reason I knew I was infected was when checking the firewall logs (dayly) I noticed alot of deny's using my IP number the little beasties were trying to phone home. | beama (111) | ||
| 312735 | 2005-01-10 14:41:00 | Just noticed these three programs: wuauclt1 . exe wuauclt . exe wupdmgr . exe Know this is probably a stupid-ass question, but are any of these evil, and why does on have a 1, and a different size? Both have windows XP digital signatures, etc? Those are all regenating auto update files, anybody know where/what the engine that regenerates then is, and what it is listed under or part of????????? I would like to kill it . As yet I havent applied seriuos effort to it though . |
bsssst (1725) | ||
| 312736 | 2005-01-10 22:03:00 | hey, just looking at mine, i have 5 of: svchost.exe running, is this normal?? |
Fergie (6508) | ||
| 312737 | 2005-01-10 22:32:00 | Yep, more than one is perfectly normal... | karter16 (6838) | ||
| 312738 | 2005-01-11 00:55:00 | If you want to stop automatic updates, just go to the updates' settings in control panel and turn it off. (and if SP2 security centre is annoying you when you turn them off, go into security centre, and click "Change the way security centre alerts me" and uncheck the box next to automatic updates) |
Agent_24 (57) | ||
| 312739 | 2005-01-11 01:50:00 | Since they are part of the auto update mechanism, they are probably regarded as essential system software, whether or not you have enabled the option. If so, they will be checked (and replaced if necessary) as part of the system check at boot time. | Graham L (2) | ||
| 312740 | 2005-01-11 01:58:00 | Since they are part of the auto update mechanism, they are probably regarded as essential system software, whether or not you have enabled the option . If so, they will be checked (and replaced if necessary) as part of the system check at boot time . Yes this is so, even though the updates are nutered, the logo is still in task bar/controll panell and the exe are still there . I would like to remove them all but as yet have not found the engine/generator that creates them if I can find and alter this generator it would be nice, in 2k it is installed with sp4 . once found in either 2k or xp it should be possible to kill it in either as they will undoubtably live in the same place . |
bsssst (1725) | ||
| 1 2 | |||||