A. Back Orifice 2000 is not a virus as such but a program that is usually maliciously installed on a machine and it allows it to be remotely controlled.
To check if its installed on your system for Windows 9x:
- Start the registry editor (regedit.exe)
- Move to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunService
- Check for Umgr32.exe entry, if its there it will equate to something like 'C:\\Windows\\System\\Umgr32.exe e' however the image name can be changed
To remove consult with you anti-virus maker but you could delete the RunService entry to stop at once.
For Windows NT/2000 start the Service Control panel applet (for 2000 start the Computer Management MMC - Services and Applications - Services) and check for 'Remote Administrator Service. Again if its there consult your anti-virus vendor but stop the service and set to disabled.
0 comments
Hide comments