Should I block it?

No, this file is 100% safe to run.

Additional versions

6.3.9600.17031 (winblue_gdr.140221-1952) 0.52%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.41%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.02%
6.2.9200.16384 (win8_rtm.120725-1247) 0.76%
6.2.9200.16384 (win8_rtm.120725-1247) 4.51%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.03%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.03%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.02%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.03%
6.1.7600.16385 (win7_rtm.090713-1255) 5.42%
6.1.7600.16385 (win7_rtm.090713-1255) 63.61%
6.1.7600.16385 (win7_rtm.090713-1255) 18.22%
6.1.7600.16385 (win7_rtm.090713-1255) 5.86%
6.1.7600.16385 (win7_rtm.090713-1255) 0.02%
6.0.6001.18000 (longhorn_rtm.080118-1840) 0.46%
6.0.6001.18000 (longhorn_rtm.080118-1840) 0.08%
6.0.6001.18000 (longhorn_rtm.080118-1840) 0.02%

PE file structure

Import table
advapi32.dll
GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsW, UnregisterTraceGuids, OpenProcessToken, RegDeleteKeyW, RegDeleteValueW, RegCloseKey, RegCreateKeyExW, RegOpenKeyExW, RegSetValueExW, RegQueryInfoKeyW, RegEnumKeyExW, TraceMessage, CreateProcessWithTokenW, DuplicateTokenEx, GetLengthSid, CopySid, LookupAccountNameW, CloseServiceHandle, QueryServiceStatusEx, OpenServiceW, OpenSCManagerW, EnableTrace, ControlTraceW, GetTokenInformation, DuplicateToken, CreateWellKnownSid, CheckTokenMembership, RegQueryValueExW, CloseTrace, ConvertStringSecurityDescriptorToSecurityDescriptorW, StartTraceW
comctl32.dll
InitCommonControlsEx, ImageList_ReplaceIcon, ImageList_Create, PropertySheetW, ImageList_AddMasked, ImageList_Add, ImageList_Destroy
credui.dll
CredUIPromptForCredentialsW
crypt32.dll
CryptProtectMemory, CryptUnprotectMemory
gdi32.dll
CreateFontIndirectW, ExcludeClipRect, CreateCompatibleDC, SetLayout, GdiFlush, DeleteDC, CreateDIBSection, GetObjectW, SelectObject, GetTextExtentPoint32W, SetBkMode, SetTextColor, SetBkColor, ExtTextOutW, GetDeviceCaps, DeleteObject
kernel32.dll
TlsAlloc, TlsSetValue, TlsGetValue, GetTickCount, LoadLibraryW, GetProcAddress, InterlockedPopEntrySList, InitializeSListHead, RtlCaptureStackBackTrace, InterlockedPushEntrySList, CompareFileTime, GetCalendarInfoW, GetTimeFormatW, EncodePointer, GetLocaleInfoW, RaiseException, InitializeCriticalSection, GetWindowsDirectoryW, GetVolumePathNameW, DecodePointer, FormatMessageW, MoveFileExW, ExpandEnvironmentStringsW, DeviceIoControl, GetVolumePathNamesForVolumeNameW, FileTimeToLocalFileTime, FileTimeToSystemTime, GetDateFormatW, GetUserDefaultLCID, WTSGetActiveConsoleSessionId, ProcessIdToSessionId, GetVolumeNameForVolumeMountPointW, DeleteFileW, CreateDirectoryW, GetComputerNameW, CreateFileW, GetFileAttributesW, OutputDebugStringA, UnhandledExceptionFilter, GetCurrentProcessId, QueryPerformanceCounter, GetModuleHandleA, SetUnhandledExceptionFilter, GetStartupInfoA, InterlockedCompareExchange, GetVersionExA, DeleteCriticalSection, CloseHandle, InterlockedDecrement, GetSystemPowerStatus, Sleep, GetLastError, OpenProcess, lstrlenW, EnterCriticalSection, LeaveCriticalSection, InterlockedIncrement, lstrcmpiW, RegisterApplicationRestart, LocalFree, HeapSetInformation, SetErrorMode, GetCommandLineW, TerminateProcess, GetCurrentProcess, FreeLibrary, MultiByteToWideChar, SizeofResource, LoadResource, FindResourceW, LoadLibraryExW, GetModuleHandleW, GetModuleFileNameW, GetSystemTimeAsFileTime, SetLastError, GetVolumeInformationW, CreateThread, InitializeCriticalSectionAndSpinCount, ResetEvent, CreateEventW, WaitForMultipleObjects, GetLocalTime, GetDiskFreeSpaceExW, GetThreadId, WaitForSingleObject, GetCurrentThreadId, InterlockedExchange, SetEvent
msvcrt.dll
DllMain
ntdll.dll
RtlGetThreadErrorMode, RtlFreeHeap, RtlAllocateHeap, NtQuerySystemInformation, NtQueryVolumeInformationFile, RtlNtStatusToDosError, NtSetInformationProcess, RtlSetThreadErrorMode, WinSqmAddToStream
ole32.dll
CoDisconnectObject, GetRunningObjectTable, CreateClassMoniker, CLSIDFromString, CoCreateInstance, CoInitializeSecurity, CoWaitForMultipleHandles, CreateBindCtx, CoGetClassObject, StringFromGUID2, CoCreateGuid, CoInitializeEx, CoUninitialize, CoTaskMemFree, CoTaskMemRealloc, CoTaskMemAlloc
secur32.dll
GetUserNameExW
shell32.dll
SHGetPathFromIDListW, SHGetFileInfoW, SHGetDesktopFolder, SHParseDisplayName, SHBindToParent, SHBrowseForFolderW, SHGetSpecialFolderLocation, SHGetFolderLocation, Shell_NotifyIconW, ShellExecuteExW, SHGetFolderPathW, SHGetIDListFromObject, SHBindToObject, SHGetStockIconInfo, CommandLineToArgvW, SHCreateItemFromParsingName
shlwapi.dll
PathIsNetworkPathW, PathCompactPathExW, PathFindFileNameW, StrRetToBufW, SHAutoComplete, PathIsDirectoryW, PathFileExistsW
slc.dll
SLGetWindowsInformationDWORD
spp.dll
SxTracerDebuggerBreak, SxTracerShouldTrackFailure, SxTracerGetThreadContextRetail
user32.dll
SetMenuDefaultItem, DestroyMenu, SendMessageW, AppendMenuW, PostMessageW, TrackPopupMenu, GetCursorPos, CharNextW, ReleaseDC, IsWindow, CreateDialogParamW, LoadStringW, LoadImageW, SetForegroundWindow, KillTimer, DialogBoxParamW, SystemParametersInfoW, RegisterWindowMessageW, ChangeWindowMessageFilter, SetProcessDPIAware, GetDC, UnregisterClassA, GetShellWindow, MsgWaitForMultipleObjectsEx, PeekMessageW, SendMessageTimeoutW, MessageBoxW, GetClassNameW, SetTimer, EnableWindow, GetLastActivePopup, UnregisterClassW, PostThreadMessageW, DestroyWindow, SetFocus, GetDlgItem, DefWindowProcW, DispatchMessageW, TranslateMessage, IsDialogMessageW, GetMessageW, CreateWindowExW, RegisterClassExW, GetSysColorBrush, GetSysColor, GetWindowLongW, SetWindowPos, MapWindowPoints, GetWindowThreadProcessId, GetClassInfoExW, EndPaint, BeginPaint, CreatePopupMenu, GetWindowRect, GetParent, EndDialog, MapDialogRect, FindWindowExW, BeginDeferWindowPos, EndDeferWindowPos, SendDlgItemMessageW, EqualRect, DeferWindowPos, IsWindowVisible, GetAncestor, InflateRect, DrawFrameControl, GetDesktopWindow, CopyRect, OffsetRect, GetFocus, GetDlgItemTextW, RedrawWindow, GetKeyState, IsWindowEnabled, LoadCursorW, SetCursor, SetWindowLongW, GetWindowDC, GetWindowTextW, GetClientRect, UpdateWindow, CheckRadioButton, CheckDlgButton, IsDlgButtonChecked, CallWindowProcW, SetWindowTextW, DestroyIcon, LoadIconW, SetDlgItemTextW, ShowWindow, GetSystemMetrics, MoveWindow, EnumWindows
wtsapi32.dll
WTSQuerySessionInformationW, WTSFreeMemory

sdclt.exe

Microsoft Windows Backup by Microsoft

Version:   6.1.7600.16385 (win7_rtm.090713-1255)
MD5:   cdebd55ffbda3889aa2a8ce52b9dc097
SHA1:   4b3cbfff5e57fa0cb058e93e445e3851063646cf
SHA256:   61bd24487c389fc2b939ce000721677cc173bde0edcafccff81069bbd9987bfd
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is sdclt.exe?

You can use the Backup utility to back up and restore data on your computer's disks.

About sdclt.exe (from Microsoft)

Backup and Restore—improved for Windows 7—creates safety copies of your most important personal files, so you're always prepared for the worst. Let Windows choose what to back up, or pick individual f

Overview

sdclt.exe executes as a process with LOCAL SERVICE privileges, typically within the context of its parent services.exe (Services and Controller app by Microsoft). It is an auto-starting process that uses the Windows Task Scheduler service to load when the user logs into Windows (sometimes this is required to bypass the UAC protection). It configures an autoplay handler within explorer.exe named MSSdConfigBackup that will launch the program automatically. This version is designed to run on Windows 7 and is compiled as a 64-bit program.

Details

File name: sdclt.exe
Publisher: Microsoft Corporation
Product name: Microsoft® Windows Backup
Description: Microsoft® Windows® Operating System
Typical file path: C:\Windows\System32\sdclt.exe
Original name: sdclt.exe.mui
File version: 6.1.7600.16385 (win7_rtm.090713-1255)
Product version: 6.1.7600.16385
Size: 1.21 MB (1,264,640 bytes)
Digital DNA
PE subsystem: Windows GUI
Entropy: 6.860738
File packed: No
Code language: Microsoft Visual C++
.NET CLR: No

Behaviors

Scheduled tasks
  • The task 'CheckFull' runs weekly in the path '\Microsoft\Windows\WindowsBackup\CheckFull'
  • The task 'ConfigNotification' runs daily in the path '\Microsoft\Windows\WindowsBackup\ConfigNotification'
  • The task 'Windows Backup Monitor' runs daily in the path '\Microsoft\Windows\WindowsBackup\Windows Backup Monitor'
  • Entry path '\Microsoft\Windows\WindowsBackup\CheckFull'
  • Entry path '\Microsoft\Windows\WindowsBackup\Windows Backup Monitor'
  • Entry path '\Microsoft\Windows\WindowsBackup\ConfigNotification'
Autoplay handlers
Runs under the registry key 'SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers'
  • Handler name 'MSSdRunBackup'
  • Handler name 'MSSdConfigBackup'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
  • Login entry path '\Microsoft\Windows\WindowsBackup\Windows Backup Monitor'

Resource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU
Total CPU: 0.01692673%
0.028634%
Kernel CPU: 0.00551959%
0.013761%
User CPU: 0.01140714%
0.014873%
Memory
Private (maximum): 5.89 MB
Private (minimum): 2.79 MB

Process properties

Platform: 64-bit
Command line: C:\Windows\System32\sdclt.exe /confignotification
Owner: LOCAL SERVICE
Parent process: services.exe (Services and Controller app by Microsoft)

Distribution by Windows OS

OS version  Distribution
Windows 7 Home Premium 61.00%
Windows 7 Ultimate 17.50%
Windows 7 Professional 8.00%
Windows 8.1 3.00%
Windows Seven Black Edition 2.50%
Windows 7 Home Basic 2.50%
Windows 8 2.00%
Windows 8.1 Pro 1.50%
Windows 8.1 Single Language 1.50%
Windows 8 Enterprise N 0.50%

Distribution by country

United States installs about 58.00% of Microsoft® Windows Backup.

Distribution by PC manufacturer

PC manufacturer  Distribution
Dell 23.22%
Hewlett-Packard 22.47%
Toshiba 17.23%
Acer 13.48%
ASUS 12.73%
Sony 4.49%
Samsung 2.25%
Alienware 1.87%
Lenovo 1.50%
Intel 0.75%