Bulz.441226 removal guide

Many security experts consider Bulz.441226 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Bulz.441226 virus do?

  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Bulz.441226?


File Info:

name: 15347DC59313B07D43CD.mlw
path: /opt/CAPEv2/storage/binaries/7ec33e85e0cdd6b22dbd5ea4d1ac82671ad674d782071a25e0ce6bab39cc8f83
crc32: 4232E054
md5: 15347dc59313b07d43cd459f41edb97f
sha1: 6426a3e9d6a8f0ac11708ff796e0a0dbdd1e7452
sha256: 7ec33e85e0cdd6b22dbd5ea4d1ac82671ad674d782071a25e0ce6bab39cc8f83
sha512: 2fafa1f18cc7841d0ba057e14c5a488164d0703fe9f0cf3c47b92beb5d82ba5a7af2de29083c9ffb6f7d2f186f12bacedd633cc8e908205ff4bfc020905724f9
ssdeep: 24576:W8OBA5N/HEp6uulnlqh8OBA5N/HEp6uugH35DMw2n/qIjtAT3G:NOBkEp6IyOBkEp6+35DMnCIjtAy
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1D0B54B0DFFE04EB9E9630632CDB5A37D617ABD605931E20B234C3A0DE971F919926712
sha3_384: fe6d0fa1f62b84213faafca415c45287fe555d6c3cc5de5b71a8de08220fbe1873540454dc4be2da3c0b7d8eef0b4cee
ep_bytes: e829040000e9a9fdffffcccccccccc8b
timestamp: 2016-01-29 01:25:53

Version Info:

Platform: NT
LegalTrademarks: Microsoft SQL Server is a registered trademark of Microsoft Corporation.
Comments: SQL
GoldenBits: False
CompanyName: Microsoft Corporation
FileDescription: SQL External minidumper
FileVersion: 2011.0110.9167.944 ((BI_Office_Stab).160128-1649)
InternalName: SqlDumper
LegalCopyright: Microsoft Corp. All rights reserved.
OriginalFilename: SqlDumper.exe
ProductName: Microsoft SQL Server
ProductVersion: 11.0.9167.944
Translation: 0x0409 0x04b0

Bulz.441226 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Worm.Win32.AutoRun.o!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Bulz.441226
FireEye: Gen:Variant.Bulz.441226
ALYac: Gen:Variant.Bulz.441226
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
Alibaba: Virus:Win32/Bladabindi.37a9d684
CrowdStrike: win/malicious_confidence_60% (W)
Baidu: Win32.Trojan.VB.t
Cyren: W32/Bladabindi.B.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Paloalto: generic.ml
ClamAV: Win.Trojan.Generic-9865438-0
Kaspersky: UDS:Worm.Win32.AutoRun.vx
BitDefender: Gen:Variant.Bulz.441226
Avast: Win32:VB-FBX
Emsisoft: Gen:Variant.Bulz.441226 (B)
DrWeb: Win32.HLLW.Autoruner.547
TrendMicro: TROJ_GEN.R03BC0PAV22
McAfee-GW-Edition: BehavesLike.Win32.Generic.vm
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
Jiangmin: Packed.Krap.gvxk
Avira: HEUR/AGEN.1141745
Antiy-AVL: Trojan/Generic.ASBOL.C6BA
Microsoft: Trojan:Script/Phonzy.C!ml
GData: Gen:Variant.Bulz.441226
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.RQ.R470031
McAfee: GenericRXRH-RQ!15347DC59313
MAX: malware (ai score=86)
Malwarebytes: Malware.AI.2797890020
TrendMicro-HouseCall: TROJ_GEN.R03BC0PAV22
Rising: Worm.VB!1.DA3E (CLASSIC)
Ikarus: Virus.Win32.Ipamor
Fortinet: W32/Ipamor.EC5A!tr
AVG: Win32:VB-FBX
Cybereason: malicious.9d6a8f

How to remove Bulz.441226?

Bulz.441226 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
