Jump to content

Backdoor.Torr in Windows Updates?


Kyle G

Recommended Posts

I recently scanned a friends computer with the most recent definitions at the time of this posting and found that there were 6 instances of Backdoor.Torr in what seems like valid Windows Update files located in C:\util\msupdate\*. The files are:

WindowsXP-KB892050-v3-x86-ENU.exe

WindowsXP-KB896256-v3-x86-ENU.exe

WindowsXP-KB923232-v3-x86-ENU.exe

WindowsXP-KB927891-v3-x86-ENU.exe

WindowsXP-KB940275-v3-x86-ENU.exe

I ran a scan on C:\util\msupdate\ on another computer and found the same result for KB896256 but the other computer doesn't have any of those other update files.

Googling the KB article shows that these are valid KB articles with updates, but I'm not sure if this c:\util\msupdate\ folder should even exist, and if it does, why are updates being downloaded to there and not deleted after the update is installed. Can anyone else confirm if these files and locations are valid or if they are a threat?

Thanks.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.