What is “SoftwareBundler.Prepscram.A7”?

The SoftwareBundler.Prepscram.A7 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What SoftwareBundler.Prepscram.A7 virus can do?

Executable code extraction
Creates RWX memory
Unconventionial binary language: Russian
Unconventionial language used in binary resources: Russian
Anomalous binary characteristics

How to determine SoftwareBundler.Prepscram.A7?


File Info:
crc32: 65B42BBF
md5: deba0451836d7959144bcf401d749c06
name: DEBA0451836D7959144BCF401D749C06.mlw
sha1: 1b9ed26593c1317ddf62386c2bab32a69c09a2a1
sha256: d4422b09257b39c69685294da18e22a3bc8559e1635ebc7b96374c53a92077de
sha512: 423d690a944f90e7a9901194f7fe4340eeb8e7d2951b5deebe7d72435effba2cd4d512f77fec55bf68776203a5949e4e921b4670475300b862614553c26e856d
ssdeep: 12288:Y9SimxakAR6Tfc0V9bkOrwMIStG9T5KBQ89z4XJ/pDWwX:RFxt1N/rISoWyXvDl
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright (C) 2017
InternalName: TemplatelExeFile.rc
FileVersion: 1.0.0.1
CompanyName: TODO: 
ProductName: TODO: 
ProductVersion: 1.0.0.1
FileDescription: TODO: 
OriginalFilename: TemplatelExeFile.rc
Translation: 0x0419 0x04b0

SoftwareBundler.Prepscram.A7 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 00528e801 )
Elastic	malicious (high confidence)
DrWeb	Trojan.Vittalia.12815
Cynet	Malicious (score: 100)
CAT-QuickHeal	SoftwareBundler.Prepscram.A7
ALYac	Gen:Variant.ClipBanker.215
Cylance	Unsafe
Zillya	Trojan.Kryptik.Win32.2843996
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	AdWare:Win32/StartSurf.f85f4183
K7GW	Trojan ( 0050f44b1 )
Cybereason	malicious.1836d7
Cyren	W32/S-10b1690a!Eldorado
Symantec	SMG.Heur!gen
ESET-NOD32	a variant of Win32/Kryptik.FTMV
APEX	Malicious
Avast	FileRepMetagen [Adw]
Kaspersky	not-a-virus:AdWare.Win32.StartSurf.abpz
BitDefender	Gen:Variant.ClipBanker.215
NANO-Antivirus	Riskware.Win32.StartSurf.epsnxd
SUPERAntiSpyware	PUP.Bundler/Variant
MicroWorld-eScan	Gen:Variant.ClipBanker.215
Tencent	Malware.Win32.Gencirc.10b2db61
Ad-Aware	Gen:Variant.ClipBanker.215
Sophos	Generic PUA BL (PUA)
Comodo	Application.Win32.IStartSurf.BS@7lng48
BitDefenderTheta	Gen:NN.ZexaF.34628.Ry0@a8fnMlok
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R002C0OAM21
McAfee-GW-Edition	BehavesLike.Win32.Generic.jm
FireEye	Generic.mg.deba0451836d7959
Emsisoft	Gen:Variant.ClipBanker.215 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	AdWare.StartSurf.afe
Avira	HEUR/AGEN.1103317
eGambit	Unsafe.AI_Score_99%
Microsoft	SoftwareBundler:Win32/Prepscram
Arcabit	Trojan.ClipBanker.215
AegisLab	Adware.Win32.StartSurf.2!c
ZoneAlarm	not-a-virus:AdWare.Win32.StartSurf.abpz
GData	Gen:Variant.ClipBanker.215
AhnLab-V3	PUP/Win32.StartSurf.R204081
Acronis	suspicious
McAfee	PUP-XBS-KX
MAX	malware (ai score=85)
VBA32	AdWare.StartSurf
Malwarebytes	Generic.Trojan.Bundler.DDS
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	TROJ_GEN.R002C0OAM21
Rising	Trojan.Kryptik!1.AB1C (CLOUD)
Yandex	Trojan.GenAsa!IRcZAhjZ7uU
Ikarus	PUA.Bundler
Fortinet	W32/Kryptik.GGTA!tr
AVG	FileRepMetagen [Adw]
Qihoo-360	Win32/Adware.Generic.HwoCEpsA

How to remove SoftwareBundler.Prepscram.A7?

SoftwareBundler.Prepscram.A7 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X