Jump to content
Kyle G

Backdoor.Torr in Windows Updates?

Recommended Posts

I recently scanned a friends computer with the most recent definitions at the time of this posting and found that there were 6 instances of Backdoor.Torr in what seems like valid Windows Update files located in C:\util\msupdate\*. The files are:

WindowsXP-KB892050-v3-x86-ENU.exe

WindowsXP-KB896256-v3-x86-ENU.exe

WindowsXP-KB923232-v3-x86-ENU.exe

WindowsXP-KB927891-v3-x86-ENU.exe

WindowsXP-KB940275-v3-x86-ENU.exe

I ran a scan on C:\util\msupdate\ on another computer and found the same result for KB896256 but the other computer doesn't have any of those other update files.

Googling the KB article shows that these are valid KB articles with updates, but I'm not sure if this c:\util\msupdate\ folder should even exist, and if it does, why are updates being downloaded to there and not deleted after the update is installed. Can anyone else confirm if these files and locations are valid or if they are a threat?

Thanks.

Share this post


Link to post
Share on other sites
Let me know if this is fixed.

MBAM removes the files without any issues. But I'm still unsure if they are valid windows updates or not as I don't want to run them to find out.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.