Bulz.201208 (B) removal guide

The Bulz.201208 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Bulz.201208 (B) virus can do?

Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Bulz.201208 (B)?


File Info:
crc32: 476AF421
md5: 2a6002e20b75952ac87ae3c544ef91ad
name: 2A6002E20B75952AC87AE3C544EF91AD.mlw
sha1: dd721716337d1bf2a80e4735f99428ea0d3e4ec6
sha256: 5f1ff7f95776bb3ae7f92cdf603725d2de21b95ccb7b7a04eed9363086236d98
sha512: 80583e1bb92b57caee489871eac66766fc53c16cb76c66809fa2c7d6dd06982947b89177115f2ea8e7d9c0fbf03a927d2ff2fe79b2bd5b633d2b0033a9b9f689
ssdeep: 192:fzTYPaM+tUsH6OxPf0+/u/DcE89b+ZT7tBzu0gkXwWtAcTEij:fzlrtUsHRPMh/AB9b+fBaoFtA1
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
Translation: 0x0000 0x04b0
LegalCopyright: Copyright 2017 Google Inc. All rights reserved.
Assembly Version: 67.0.100.99
InternalName: clipper.exe
FileVersion: 67.0.100.99
CompanyName: Google Chrome
Comments: Google Chrome
ProductName: Google Chrome
ProductVersion: 67.0.100.99
FileDescription: Google Chrome
OriginalFilename: clipper.exe

Bulz.201208 (B) also known as:

K7AntiVirus	Trojan ( 700000121 )
Elastic	malicious (high confidence)
DrWeb	Trojan.PWS.Siggen.31367
MicroWorld-eScan	Gen:Variant.Bulz.201208
CAT-QuickHeal	Trojan.OccamyFC.S8705613
ALYac	Gen:Variant.Bulz.201208
Malwarebytes	Spyware.ClipboardStealer.Generic
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Trojan:MSIL/ClipBanker.fa9a9350
K7GW	Trojan ( 700000121 )
Cybereason	malicious.20b759
Cyren	W32/ClipBanker.M.gen!Eldorado
ESET-NOD32	a variant of MSIL/ClipBanker.LR
APEX	Malicious
Avast	Win32:DropperX-gen [Drp]
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan.MSIL.Agent.gen
BitDefender	Gen:Variant.Bulz.201208
Ad-Aware	Gen:Variant.Bulz.201208
Sophos	ML/PE-A
BitDefenderTheta	Gen:NN.ZemsilF.34722.am0@aGvhlAj
TrendMicro	TrojanSpy.MSIL.CLIPBANKER.SM
McAfee-GW-Edition	ClipBanker-FCNX!2A6002E20B75
FireEye	Generic.mg.2a6002e20b75952a
Emsisoft	Gen:Variant.Bulz.201208 (B)
SentinelOne	Static AI – Malicious PE
Webroot	W32.Backdoor.Gen
Avira	HEUR/AGEN.1141214
Microsoft	Trojan:MSIL/ClipBanker
GData	MSIL.Trojan.ClipBanker.F
AhnLab-V3	Malware/Win32.RL_Generic.C3524236
McAfee	ClipBanker-FCNX!2A6002E20B75
MAX	malware (ai score=87)
TrendMicro-HouseCall	TrojanSpy.MSIL.CLIPBANKER.SM
Rising	Spyware.ClipBanker!1.D058 (CLASSIC)
Ikarus	Trojan.MSIL.ClipBanker
Fortinet	MSIL/ClipBanker.MZ!tr
AVG	Win32:DropperX-gen [Drp]

How to remove Bulz.201208 (B)?

Bulz.201208 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X