How To Find the BO Trojan with FIND/Files


Here's the file we're trying to hunt down in a directory containing several hundred or more other files:



Without knowing a few more facts about the generic form of BO, you might as well just keep looking through your SYSTEM folder. But here are some limits to help you out. Set them as you see in these pics:


This is the only date I know of that it modifies itself to, but I'll make an immediate change if I find out otherwise. (It may be smart enough to check the date of your system files, and change it to whatever they are set at!):


Using these settings, I got a set of four files matching the limits. It's easy to spot the generic BO trojan (circled in red) on the list:


Right-click on the file name [ .exe] with your mouse cursor, and choose "Properties" from the menu. You should see a window similar to this one:

Just as we did for the windll.dll file, you should probably write down the "Creation" date for your file to help you figure out how it got onto your computer!

From either the FIND/Files list, or an Explorer window, if you try to delete BO while it is still running in memory, you'll get this notice:



