Recently we have noticed that in the Root of students and staff "My Documents" redirected to drive u: there is a file bho.dll of varying size and date stamps. A Google search suggests that it usually is used as spyware/adware. After deleting it the next day it is regenerated. I assume it may be the activity of one of our network applications but no idea which.
Does anyone know anything about this?