About “Adware.Bulz.6592 (B)” infection

The Adware.Bulz.6592 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Adware.Bulz.6592 (B) virus can do?

Sample contains Overlay data
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Adware.Bulz.6592 (B)?


File Info:
name: 37CA2CD0143022208C79.mlw
path: /opt/CAPEv2/storage/binaries/498f7e165843a66fbaa8daa34a55028017dea2cc83b9dfa1d2452231db493c58
crc32: 100DFE7C
md5: 37ca2cd0143022208c79de5efd0dc701
sha1: bfa7960c9796cf562e0f86eec91d14db019f24bd
sha256: 498f7e165843a66fbaa8daa34a55028017dea2cc83b9dfa1d2452231db493c58
sha512: 43f24856a5a64e387d2e281536a9d3020f2bc66986da5a83a98c89189d5dffba66cdf5e26b5bb93152024ac8ed432ab845a67d0cc7d9c8dd3cc96f8d210ae24b
ssdeep: 96:uX78fUuxRfdxmi+5x5bwi+XcE2NYlnlYJnLwFL0Kffa7CBXCsB791l9bg+wFO0u3:uuHt+55zVQnlYJLeLTzMsh9Vi5GbhCy
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T167122B1253D08237CB9F17731DE39A505777D2089B379F5F29E4A23A5FA26088A93372
sha3_384: f9600b50bfd284ff99aea01e093f21d2f94e63291d0e33cf850d0a834c4b3866985d213ed55ca9db5c7145d5002e0c6a
ep_bytes: ff250020400000000000000000000000
timestamp: 2018-01-17 17:08:28

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: virus porno.exe
LegalCopyright:  
OriginalFilename: virus porno.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Adware.Bulz.6592 (B) also known as:

Bkav	W32.AIDetectNet.01
Lionic	Trojan.Win32.Generic.4!c
tehtris	Generic.Malware
DrWeb	Trojan.MulDrop9.5084
MicroWorld-eScan	Gen:Variant.Adware.Bulz.6592
FireEye	Generic.mg.37ca2cd014302220
ALYac	Gen:Variant.Adware.Bulz.6592
Cylance	Unsafe
VIPRE	Gen:Variant.Adware.Bulz.6592
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 700000121 )
Alibaba	Trojan:MSIL/SecurityRisk.a4f166a5
K7GW	Trojan ( 700000121 )
Cybereason	malicious.c9796c
BitDefenderTheta	Gen:NN.ZemsilF.34698.am1@a8xtwXh
VirIT	Trojan.Win32.MSIL5.BVQU
Symantec	SecurityRisk.Dropper
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/TrojanDropper.Agent.CGX
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Packed.Msilkrypt-9856795-0
Kaspersky	HEUR:Trojan.MSIL.Dnoper.gen
BitDefender	Gen:Variant.Adware.Bulz.6592
NANO-Antivirus	Trojan.Win32.Agent.dztznw
Avast	Win32:MalwareX-gen [Trj]
Tencent	Msil.Trojan.Dnoper.Dnhl
Ad-Aware	Gen:Variant.Adware.Bulz.6592
Sophos	Mal/Generic-S
Comodo	Malware@#ga09gk70zkyi
McAfee-GW-Edition	GenericRXEH-KC!37CA2CD01430
Trapmine	malicious.high.ml.score
Emsisoft	Gen:Variant.Adware.Bulz.6592 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.Generic.dpmwf
Google	Detected
Avira	TR/Dropper.Gen
MAX	malware (ai score=98)
Antiy-AVL	Trojan/Generic.ASMalwS.4675
Microsoft	Backdoor:Win32/Bladabindi!ml
Arcabit	Trojan.Adware.Bulz.D19C0
GData	Gen:Variant.Adware.Bulz.6592
Cynet	Malicious (score: 100)
Acronis	suspicious
McAfee	GenericRXEH-KC!37CA2CD01430
Malwarebytes	Trojan.Script.MSIL
Rising	Trojan.Generic/MSIL@AI.100 (RDM.MSIL:nFQsbgC9n1KpCSXZP/lJVg)
Yandex	Trojan.Dnoper!+hGpsL+10pQ
Ikarus	Trojan-Dropper.MSIL.Agent
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	Adware/Agent
AVG	Win32:MalwareX-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Adware.Bulz.6592 (B)?

Adware.Bulz.6592 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X