Trojan

Trojan.BundleInstaller removal instruction

Malware Removal

The Trojan.BundleInstaller is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan.BundleInstaller virus can do?

  • Presents an Authenticode digital signature
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to determine Trojan.BundleInstaller?



File Info:

crc32: F36850EC
md5: bdeda3a957306ec71cb60151dd1dfdba
name: Setup_9076.exe
sha1: 7ea378597ec7a154e33b3ee8507f7af5cf7b4d3e
sha256: 79e518cb442797d9755558dd9ac629f3cc96f835afaaf4c599b8e16ecc50d7ed
sha512: ad71e9a3e389b741b4af732fa37e3079aff29d3b17205ce2eda7c3fc7c9ee525d816acbae933fe85a47617975c329292a41da10b007bd92ec8036dc9d8a9a546
ssdeep: 98304:bWVbXdWrcS5n7oqkjX6Tks+qvmzE51LY8ZwNzQeQJ1Ceb9LJe3s:boR1S5n76++q+WlZi3WV
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows


Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright xa9  2020  Ms Class Installer
Assembly Version: 0.3.3.4
InternalName: helium.exe
FileVersion: 0.1.2.1
CompanyName: Ms Class Installer
LegalTrademarks: 
Comments: Ms Class Installer is monetization tool for software developers. It helps in monetizing their applications, by offering additional softwares during download process.
ProductName: Ms ClassInstaller
ProductVersion: 0.1.2.1
FileDescription: Ms Class Installer
OriginalFilename: helium.exe

Trojan.BundleInstaller also known as:

MicroWorld-eScanGen:Variant.MSILPerseus.217793
ALYacGen:Variant.MSILPerseus.217793
BitDefenderGen:Variant.MSILPerseus.217793
K7GWAdware ( 0055a8e71 )
K7AntiVirusAdware ( 0055a8e71 )
ArcabitTrojan.MSILPerseus.D352C1
ESET-NOD32a variant of MSIL/ClassInstaller.A potentially unwanted
APEXMalicious
AvastWin32:AdwareSig [Adw]
Kasperskynot-a-virus:HEUR:AdWare.MSIL.KabanInst.gen
Ad-AwareGen:Variant.MSILPerseus.217793
EmsisoftApplication.Generic (A)
F-SecureHeuristic.HEUR/AGEN.1133901
DrWebTrojan.DownLoad4.13619
WebrootW32.Adware.Gen
AviraHEUR/AGEN.1133901
MicrosoftProgram:Win32/Wacapew.C!ml
ZoneAlarmnot-a-virus:HEUR:AdWare.MSIL.KabanInst.gen
AhnLab-V3PUP/Win32.BundleInstaller.C4065729
MAXmalware (ai score=84)
MalwarebytesTrojan.BundleInstaller
PandaPUP/DownloadAssistant
GDataGen:Variant.MSILPerseus.217793
AVGWin32:AdwareSig [Adw]
MaxSecureTrojan.Malware.121218.susgen

How to remove Trojan.BundleInstaller?

Trojan.BundleInstaller removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment