BoDetect Frequently Asked Questions

Frequently Asked Questions

If you have questions or suggestions that don't appear here, drop me a line!

Q) I get the error message "BoDetect could not register the scan engine" or "CoCreateInstance Failed". What should I do?

A) Please upgrade to version 2.5.

Q) Can I have a copy of the source code for BoDetect? Please?

A) No, sorry. Now, if you want to purchase the rights to BoDetect, email me and we'll talk! :)

Q) Why did you change BoDetect from freeware to shareware?

A) I enjoyed providing BoDetect as a free service to the Internet community. However, as its popularity increased, so did the amount of time, effort, and money I was putting into it.

Q) Why don't you use PGP to sign your program?

A) I do now use PGP, but before I can distribute signed programs, I have to check out some of the licensing issues. Stay tuned.

Q) I ran BoDetect and it said it removed Back Orifice, but my Anti-virus program keeps detecting it. What do I do?

A) When BoDetect finds and removes a Back Orifice 'infection', it first kills the running process to stop any intrusion into your system. It then takes steps to prevent Back Orifice from being restarted when you reboot.

Finally, it will rename the infected file by appending a '.BOD' on the end of the file name. So, a file like 'backOrificeInfectedFile.exe' becomes 'backOrificeInfectedFile.exe.BOD'. These files are moved into a directory called 'Infected Files' which will be created in the same directory that BoDetect is installed in.

Your Anti-virus program is probably detecting this file(s) as infected, even though they are no longer running. My suggestion is to delete these files manually, or let your Anti-virus program delete the files if it finds them.

Q) Your program is broken, man. What's the best way to let you know?

A) If you need to report a bug, please make sure you follow these instructions. This is the easiest way for me to debug and figure out what's wrong. If you think that BoDetect is not detecting an instance of Back Orifice on your system, please do the following:

Send me the 'bodetect.log' file that is in the directory where you installed BoDetect. Make sure you have run BoDetect so it has a log of its last-run information in it.

Send me the file you suspect is the Back Orifice executable. Please name the file 'BACKORIFICE.BOD'. That is important.

Send me a description of your situation. In other words, what makes you think you are infected. What is your OS, did you install Back Orifice yourself, or anything else relevant. Please send all of this to me in a single email, with the files sent along as attachments. I'll do my best to help you out.

For any other problems (such as error messages) just send me a description of the problem, plus the 'bodetect.log' file, along with any error message you got while running BoDetect.

Q) No offense, but I don't trust you. How do I know that BoDetect isn't just Back Orifice in disguise?

A) No offense taken. That is a fair and oft asked question. There are people who are supplying fake solutions to the Back Orifice problem, but I'm not one of them. BoDetect has been reviewed by ZDNet's HotFiles and CNet's Download.com, and both of these sites thoroughly check all submissions for viruses/trojans etc. If anyone needs/wants more information, feel free to email me!

Frequently Asked Questions

Q) I get the error message "BoDetect could not register the scan engine" or "CoCreateInstance Failed". What should I do?

A) Please upgrade to version 2.5.

Q) Can I have a copy of the source code for BoDetect? Please?

A) No, sorry. Now, if you want to purchase the rights to BoDetect, email me and we'll talk! :)

Q) Why did you change BoDetect from freeware to shareware?

A) I enjoyed providing BoDetect as a free service to the Internet community. However, as its popularity increased, so did the amount of time, effort, and money I was putting into it.

Q) Why don't you use PGP to sign your program?

A) I do now use PGP, but before I can distribute signed programs, I have to check out some of the licensing issues. Stay tuned.

Q) I ran BoDetect and it said it removed Back Orifice, but my Anti-virus program keeps detecting it. What do I do?

A) When BoDetect finds and removes a Back Orifice 'infection', it first kills the running process to stop any intrusion into your system. It then takes steps to prevent Back Orifice from being restarted when you reboot.

Your Anti-virus program is probably detecting this file(s) as infected, even though they are no longer running. My suggestion is to delete these files manually, or let your Anti-virus program delete the files if it finds them.

Q) Your program is broken, man. What's the best way to let you know?

A) If you need to report a bug, please make sure you follow these instructions. This is the easiest way for me to debug and figure out what's wrong. If you think that BoDetect is not detecting an instance of Back Orifice on your system, please do the following:

Send me the 'bodetect.log' file that is in the directory where you installed BoDetect. Make sure you have run BoDetect so it has a log of its last-run information in it.

Send me the file you suspect is the Back Orifice executable. Please name the file 'BACKORIFICE.BOD'. That is important.

For any other problems (such as error messages) just send me a description of the problem, plus the 'bodetect.log' file, along with any error message you got while running BoDetect.

Q) No offense, but I don't trust you. How do I know that BoDetect isn't just Back Orifice in disguise?