Backdoor.Rbot.gen - have I got rid of it?

  igr 17:22 03 Sep 04
Locked

Following an anti virus scan with eScan (mwav) v 4.4.7 the above was found in the WINNT\system32\TFTP764.exe file. The eScan software renamed the file by changing the file extension .exe to .mwt. So the file is still in the system - I wondered if the file TFTP764.exe was a legitimate file in the first place and since corrupted, and I have other files TFTP1040 and TFTP840 and tftp in the same directory.

Should I delete the .mwt file? and are the other files mentioned kosher?

  Fruit Bat /\0/\ 17:38 03 Sep 04

tclick here refers to Trivial File Transfer Protocal App

You should have a Tclick here file but not sure if the others are valid (not in my system32)think they get put in by spyware when you are tricked into going to a look alike Windows update site.

  Fruit Bat /\0/\ 17:40 03 Sep 04

Ignore the click heres in the above posting not sure why your suspect file name was changed to click here.

  igr 20:50 03 Sep 04

bump

  stalion 20:54 03 Sep 04

the files are renamed so that they do not cause any further problems they are probably shared files so removing them could cause you problems.If you want confirmation that the virus has gone run another scan

This thread is now locked and can not be replied to.

How to get Windows 10 for free | How to install Windows 10: There is still a way to avoid paying…

1995-2015: How technology has changed the world in 20 years

Hands-on with the Star Wars fighting drones you can fly yourself

15 macOS Sierra tips | How to use macOS Sierra: Secret tricks and best new features in Apple's new…