There is no virus by this name. However, there is a toolkit from
a hacker group Cult of the Dead Cow by this name.
This trojan horse allows an intruder to monitor and tamper with
Windows 95 and Windows 98 computers over the Internet. There is no
easy way for a computer user to know the attack is taking place, and
there is no easy way to stop the attack once Back Orifice has
installed itself on the computer.
In a typical attack, the intruder sends the Back Orifice trojan horse
to his victim as a program attached to e-mail. When the e-mail
recipient executes the program attachment, the trojan horse opens
connections from the computer to the Internet. This allows the
intruder to control the computer. The trojan horse is invisible and
will restart itself automatically even if Windows is re-booted.
Back Orifice allows a hacker to view and modify any files on the
hacked computer. It can create a log file of the computer users
actions. It can take screen shots of the computer screen and send them
back to the hacker. Or it can simply crash the computer.
F-Secure Anti-Virus detects and disinfects this trojan as Trojan.Win32.BO.
To manually remove Back Orifice, restart the machine in MS-DOS mode
(Start/Shut Down/Restart in MS-DOS mode) and delete the BO server from
Windows system directory. Usually this can be done by typing in the
DOS prompt:
![](/images/pixel.gif"){kind=tracking}
