Bulz.885994 removal instruction

The Bulz.885994 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Bulz.885994 virus can do?

Presents an Authenticode digital signature
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Bulz.885994?


File Info:
name: 3A8CB8F5CF4A3F5ACD35.mlw
path: /opt/CAPEv2/storage/binaries/44aa850805d8ef0d88990a2e3e43426f6dafc8aeb1685c987dfc9d459b163c75
crc32: 666F12C4
md5: 3a8cb8f5cf4a3f5acd3518c4b25c2844
sha1: fb7bbeee99297019978cc0831f467d2e690b23da
sha256: 44aa850805d8ef0d88990a2e3e43426f6dafc8aeb1685c987dfc9d459b163c75
sha512: de7f89f27512c9bb43b027461619b83d0b8c9190d9fc579fac4f96bf1287c34d04a18cbe19f9b1539217e26f3bc523e1485aba34f92128d6a2cb9d9a227cdcb0
ssdeep: 6144:4p0stL1HZw+l8GLD4Zw+l8GLDHp0stL1m5i2ookjHw7i633Z+:AdNl8MQl8MddMoDM
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1A815184CFEE54F99DFC20130CC6AC73E6524BFA00911A9BA3398FB6AE830F857519615
sha3_384: b6452595355704dcbcb2fff122884f7845cddcf47d89c5aba1b92bdc705e1ede2f8507a2f3d7b8a42f072e2742c0605c
ep_bytes: e8cf020000e974feffff558bec8b4508
timestamp: 2020-12-09 13:07:53

Version Info:
CompanyName: Oracle Corporation
FileDescription: Java(TM) Platform SE binary
FileVersion: 8.0.2810.9
Full Version: 1.8.0_281-b09
InternalName: jjs
LegalCopyright: Copyright © 2020
OriginalFilename: jjs.exe
ProductName: Java(TM) Platform SE 8
ProductVersion: 8.0.2810.9
Translation: 0x0000 0x04b0

Bulz.885994 also known as:

Lionic	Trojan.Win32.Fragtor.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Bulz.885994
FireEye	Generic.mg.3a8cb8f5cf4a3f5a
McAfee	RDN/Generic.dx
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
Alibaba	Trojan:Win32/Generic.8d985769
Cyren	W32/Agent.DNK.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Trojan.Generic-9862468-0
BitDefender	Gen:Variant.Bulz.885994
Avast	Win32:VB-FBX
Ad-Aware	Gen:Variant.Bulz.885994
Sophos	Generic ML PUA (PUA)
DrWeb	Win32.HLLW.Autoruner.547
TrendMicro	TROJ_GEN.R002C0PL821
McAfee-GW-Edition	RDN/Generic.dx
Emsisoft	Gen:Variant.Bulz.885994 (B)
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.Bulz.885994
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win.Generic.C4822822
ALYac	Gen:Variant.Fragtor.36779
MAX	malware (ai score=83)
Malwarebytes	Malware.AI.3696146603
TrendMicro-HouseCall	TROJ_GEN.R002C0PL821
Rising	Worm.VB!1.DA41 (CLASSIC)
Yandex	Trojan.Agent!3xfRphw2Uk0
Ikarus	Trojan.Agent
Fortinet	W32/Agent.A110!tr
AVG	Win32:VB-FBX
Panda	Trj/Genetic.gen
MaxSecure	Trojan.Malware.121218.susgen

How to remove Bulz.885994?

Bulz.885994 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X