Backdoor.Rbot.gen - have I got rid of it?

  igr 17:22 03 Sep 04

Following an anti virus scan with eScan (mwav) v 4.4.7 the above was found in the WINNT\system32\TFTP764.exe file. The eScan software renamed the file by changing the file extension .exe to .mwt. So the file is still in the system - I wondered if the file TFTP764.exe was a legitimate file in the first place and since corrupted, and I have other files TFTP1040 and TFTP840 and tftp in the same directory.

Should I delete the .mwt file? and are the other files mentioned kosher?

  Fruit Bat /\0/\ 17:38 03 Sep 04

tclick here refers to Trivial File Transfer Protocal App

You should have a Tclick here file but not sure if the others are valid (not in my system32)think they get put in by spyware when you are tricked into going to a look alike Windows update site.

  Fruit Bat /\0/\ 17:40 03 Sep 04

Ignore the click heres in the above posting not sure why your suspect file name was changed to click here.

  igr 20:50 03 Sep 04


  stalion 20:54 03 Sep 04

the files are renamed so that they do not cause any further problems they are probably shared files so removing them could cause you problems.If you want confirmation that the virus has gone run another scan

This thread is now locked and can not be replied to.

Huawei P10 review

1995-2015: How technology has changed the world in 20 years

How VR is being used to simulate space

New iPad, iPhone SE & Red iPhone 7 on sale now