Apparently Winpatrol does not list this file at startup:
BillpStudios WinpatrolWednesday, May 31, 2006
WgaTray.exe opens security hole
Itís called Windows Genuine Advantage. Iíve received a couple Emails about the file WgaTray.exe which was part of this weeks Windows Update. Some questioned how this file was able to run on startup but isnít listed by WinPatrol or other programs as an AutoStartup program.
Well, the answer is simple; this program is part of the Windows Operating system. After Windows starts it looks for this file in the system32 folder and runs it. Unfortunately, thereís a serious problem in with the way how Microsoft has implemented their anti-piracy system. The way Windows handles this file opens up a big security hole that most programs wonít plug. Any malicious program can delete the WgaTray.exe and replace it with its own malware using the same name. Windows does nothing to verify this program before running it the next time you reboot.
Microsoft describes this program as follows: "By using genuine Microsoft software, you can be confident that your software is legitimate and fully supported by Microsoft.Ē As if ďyouĒ didnít already know. More information can be found at http://www.microsoft.com/genuine/default.mspx and http://www.microsoft.com/genuine/dow...yValidate.aspx
You can also find a discussion at Broadband Reports.com http://www.dslreports.com/forum/remark,15963038 The topic of the discussion is more about flaws in Windows piracy then security. If you have your system set for auto-updates the newest version of WgaTray.exe will have been downloaded this week.