What is “Backdoor.Win32.BO2K.ai”?

Backdoor.Win32.BO2K.ai is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Win32.BO2K.ai virus do?

  • Authenticode signature is invalid

How to identify Backdoor.Win32.BO2K.ai?


File Info:

name: 66BBDA82A170A2DC1A18.mlw
path: /opt/CAPEv2/storage/binaries/29361352896f28b85d391177283a4873c14ba8a1b1a85a32ae0bc3d10ae2f77a
crc32: 940E1A2C
md5: 66bbda82a170a2dc1a18e2ec5b9f8e25
sha1: 1dfc07f25a9bcac5f47c72ce6872041cbfea4e9e
sha256: 29361352896f28b85d391177283a4873c14ba8a1b1a85a32ae0bc3d10ae2f77a
sha512: f3603442dfe51a4ba439e859987aba28b2ec3abb007146d63d7804f6f94f9934ebc6d589649e3cecd19277a708f7b9af51a9a7eb42d820893bb54748449b4a1a
ssdeep: 6144:ZqzP5bRtqqAlP4KaLf/Om8UdmQ9Q77PJ9Huq:ZqjhOC9/Om88mQ9kP3Oq
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BF947B81F3D18875E9E4463289AA6F78A274BD50DE21576F23A5FF3D8E335C09A21334
sha3_384: 26de4f910ace9892e37fb0021d7398618131507b1ada0fbedb056d65a1dbb1a0d31d75d2480d65b8c1b82a2c6c322a95
ep_bytes: 558bec6aff682844430068f059410064
timestamp: 2007-03-12 18:57:54

Version Info:

Comments: Reverse capable, right click plugins, direct plugin reverse
CompanyName: BO2K Development Team
FileDescription: BO2K Client
FileVersion: 1, 3, 1, 0
InternalName: bo2kgui
LegalCopyright: Copyright © 2007, BO2K Development
LegalTrademarks: :P
OriginalFilename: bo2kgui.exe
PrivateBuild: o===3
ProductName: BO2K
ProductVersion: 1, 3, 1, 0
SpecialBuild: Novice222
Translation: 0x0000 0x04b0

Backdoor.Win32.BO2K.ai also known as:

Bkav: W32.Common.7278AFAC
Lionic: Trojan.Win32.BO2K.m!c
Skyhigh: RDN/Generic BackDoor
McAfee: RDN/Generic BackDoor
Cylance: unsafe
Zillya: Backdoor.BO2K.Win32.545
Alibaba: Backdoor:Win32/MalwareF.532d8225
VirIT: Trojan.Win32.Generic.HVO
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
Kaspersky: Backdoor.Win32.BO2K.ai
NANO-Antivirus: Trojan.Win32.BO2K.czyfrd
Avast: Win32:Malware-gen
Rising: Trojan.Zpevdo!8.F912 (TFE:5:Q6fXfIKAhVH)
F-Secure: Trojan.TR/Agent.434176.O
TrendMicro: TROJ_GEN.R002C0PAN24
Webroot: W32.Malware.Gen
Google: Detected
Avira: TR/Agent.434176.O
Antiy-AVL: Trojan[Backdoor]/Win32.BO2K
Xcitium: Malware@#28rfffijm12cm
ZoneAlarm: Backdoor.Win32.BO2K.ai
Microsoft: Trojan:Win32/Dynamer!dtc
Varist: W32/Risk.FWEU-2643
VBA32: Backdoor.BO2K
MAX: malware (ai score=100)
Malwarebytes: Generic.Malware/Suspicious
TrendMicro-HouseCall: TROJ_GEN.R002C0PAN24
Tencent: Malware.Win32.Gencirc.13fdd264
Yandex: Trojan.GenAsa!wC+bj5tavwk
Ikarus: Backdoor.Win32.BO2K
MaxSecure: Trojan.Malware.2588.susgen
Fortinet: PossibleThreat
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Backdoor.Win32.BO2K.ai?

Backdoor.Win32.BO2K.ai removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
