Yeah firewall reposrts that update.exe, signed by microsoft, is trying to update that kind of an directory. The only question i have right now is, what is that thing? CatRoot2? Sounds like a malware to me O.o Although i could be wrong.
"C:\Windows\system32\CatRoot2" <-- What is that?
This is a Microsoft folder (I’ve deleted it myself, but it might not be possible with all default Windows services running), so don’t worry about that. Furthermore, if update.exe is signed by Microsoft, there’s nothing to worry about, really.
Oh. Thank you (:HUG) Aand another question. How can i clean my temp folder? eXterminate it! found one trojan from there, and there seems to be a few more malicous looking temporary files.
Do you mean the Windows\Temp folder? Can you manually delete the stuff in there? If not, I guess you need malware removal assistance. Malware not running can easily be deleted, but if it’s running, you have to get rid of it somehow.
Yeah i can manually delete stuff from there. Just wanted to know if it affects my computer in harmful way. ???
As long as it’s not executed, it’s not harmful. You can safely delete all contents in the temp folder.
C:\Windows\system32\CatRoot2 folder is an impotant folder which helps to fetch regular Windows Updates. The Catroot2 folder is automatically recreated by Windows once it is deleted. For the most of the windows Updates issues, once you delete or rename the catrrot2 folder wil fix the issue because once you have renamed or deleted the catrroot2 folder it will refresh the update history…
Just An Added Information To What You Have Mentioned. Its A Folder Which Stores The Signatures Of Windows Update Package And Allows It To Be Installed. The File %windir%\System32\catroot2\edb.log will be updated by the cryptographic services. So Inorder To Delete The Folder The Cryptographic Services Has To Be Stopped First. All The Updates Are Stored Under The Folder %windir%\SoftwareDistribution And Its managed By The Automatic Updates Service.