Bulz.301016 (B) removal guide

The Bulz.301016 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Bulz.301016 (B) virus can do?

Reads data out of its own binary image
A process created a hidden window
Drops a binary and executes it
Performs some HTTP requests
Behavior consistent with a dropper attempting to download the next stage.
Attempts to modify proxy settings
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

shadeunit.club

strangerthingz.club

How to determine Bulz.301016 (B)?


File Info:
crc32: BEC0D10F
md5: 29dbd286a0ecefbc91e17b6c1cbbb524
name: 29DBD286A0ECEFBC91E17B6C1CBBB524.mlw
sha1: 0f2abc1de943c5d6459917bf115b838420bd39ed
sha256: f8c8441b4d26d23de6d0afe6aa8a4e71752a0b2cc1a5eb87180fa60945402d52
sha512: a8122385afd93efbbdf849dc5c79d19aba4e2dd8a390dee22ca25124b1fc4eafce6cccd5c4d092eff10b4e263715eca4f6d9dc05fe026b3ef845558224e3a341
ssdeep: 3072:SrV1c41Utsu7pKUy4wJs2Tt984EUXXGuIwMlw+Dcpvr7VS9sEsrv:So4UzliJ04lT0RcRVQn4v
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:
LegalCopyright: veer iRoadProds 12 All rights reserved.
InternalName: bnon Content Installer 32
FileVersion: 5.17.21.39
CompanyName: 
Comments: janx Install  software 16
ProductName: plik NSIS 32 installer bonx
ProductVersion: 5.17.21.39
Translation: 0x0409 0x04b0

Bulz.301016 (B) also known as:

Bkav	W32.AIDetectVM.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.301016
FireEye	Generic.mg.29dbd286a0ecefbc
ALYac	Gen:Variant.Bulz.301016
Malwarebytes	Generic.Trojan.Malicious.DDS
VIPRE	Trojan.Win32.Generic!BT
K7AntiVirus	Trojan-Downloader ( 0051ae7b1 )
BitDefender	Gen:Variant.Bulz.301016
K7GW	Trojan-Downloader ( 0051ae7b1 )
CrowdStrike	win/malicious_confidence_100% (W)
Cyren	W32/Tovkater.P.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:Malware-gen
Cynet	Malicious (score: 100)
Kaspersky	Trojan-Downloader.Win32.Tovkater.waa
NANO-Antivirus	Trojan.Win32.Tovkater.eutihs
Rising	Downloader.Tovkater!8.E5CE (CLOUD)
Ad-Aware	Gen:Variant.Bulz.301016
Sophos	Mal/Generic-S
Comodo	Application.Win32.InstallMonster.DX@7e9j3l
F-Secure	Trojan.TR/Tovkater.jaioq
DrWeb	Trojan.InstallMonster.2408
Zillya	Downloader.Tovkater.Win32.550
TrendMicro	TROJ_GEN.R002C0GLM20
McAfee-GW-Edition	BehavesLike.Win32.Downloader.cc
Emsisoft	Gen:Variant.Bulz.301016 (B)
Ikarus	Trojan-Downloader.Win32.Tovkater
Avira	HEUR/AGEN.1117983
MAX	malware (ai score=93)
Antiy-AVL	Trojan[Downloader]/Win32.Tovkater
Kingsoft	win32.unknown.virusname.(kcloud)
Arcabit	Trojan.Bulz.D497D8
ZoneAlarm	Trojan-Downloader.Win32.Tovkater.waa
GData	Gen:Variant.Bulz.301016
AhnLab-V3	Downloader/Win32.Tovkater.R350556
Acronis	suspicious
McAfee	Artemis!29DBD286A0EC
VBA32	TrojanDownloader.Tovkater
Panda	Trj/Genetic.gen
ESET-NOD32	multiple detections
TrendMicro-HouseCall	TROJ_GEN.R002C0GLM20
Tencent	Win32.Trojan-downloader.Tovkater.Hugh
Yandex	Trojan.DL.Tovkater!4KwZb1YK8L8
SentinelOne	Static AI – Malicious PE – Downloader
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Tovkater.GI!tr
BitDefenderTheta	Gen:NN.ZexaF.34804.iy0@a0wgTgci
AVG	Win32:Malware-gen
Cybereason	malicious.6a0ece
Paloalto	generic.ml
Qihoo-360	Win32/Trojan.Downloader.300

How to remove Bulz.301016 (B)?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Bulz.301016 (B) removal guide