Back Orifice or BO is a free Win32 based Trojan program. Do not download or upload software unless you have opted to do so. This trojan can affect Windows 95 and Windows 98 system. It does not work on Windows NT. Back Orifice trojan needs to be executed by the user for it to be installed. Best of all, once executed and downloaded by the user it will install itself in such a way that it will be active all the time. Back Orifice adds an entry to the Windows Registry to achieve this. Besides, the client application, running on one machine, may be used to monitor and control online a second machine. The worm copies itself to the Windows folder as FVProtect.exe and adds the following registry entry to run itself whenever the user logs on to the computer:


The presence of Back Orifice installed in the computer will not be evident to the affected user. The size of this trojan file is 124,928 bytes. It can also be slightly more than this size.Troj/NeoBO-A is a Trojan for the Windows platform.

Actions are performed on the server by sending commands from the client to a specific ip address. If the server machine is not on a static address, it can be located by using the sweep or sweeplist commands from the text client, or from the gui client using the "Ping..." dialog or by putting a target ip of "1.2.3.*". If sweeping a list of subnets, when a server machine responds the client will look in the same directory as subnet list and will display the first line of the first file it finds with the filename of the subnet.

BO2K Configuration Wizard

Back Orifice Client 1.20p downloaded

Back Orifice Win32 GUI Client 1.20 Patched

Back Orifice Win32 GUI Client 1.20 Russian, Back Orifice 2000 Server Configuration. Includes free download tool.

Last updated: June 4, 2008