Exterminate It! Antimalware


Known threats:700,086 Last Update:March 16, 12:51


Dear Jean,

Thank you for your follow-up. I did indeed use the Submit State feature last night and this morning, your team sent me instructions to run an 'update' and then re-run Exterminate It! on the PC. I just finished that process and the new update wiped it out. I ran my regular anti-spy/anti-virus to double-check and it wasn't able to detect it either. I appreciate the support from both you and your team.

Linda D.

File: bundle.ini

Location of bundle.ini and Associated Malware

Check whether bundle.ini is present in the following locations:

Windows 2000, Windows XP, Windows Server 2003 specific bundle.ini file locations:

  • C:\Documents And Settings\USER_NAME\Templates\bundle.ini

Windows Vista, Windows Server 2008, Windows 7, Windows 8 specific bundle.ini file locations:

  • C:\Users\USER_NAME\AppData\Roaming\Microsoft\Windows\Templates\bundle.ini

If you find bundle.ini file in any of these locations, your computer is very likely to be infected with the following malware:

IMPORTANT: Malware files can be camouflaged with the same file names as legitimate files. The bundle.ini file is associated with malware only if found in the locations listed above.


Different Variations of bundle.ini File^

File SizeFile Md5Last Seen
137512428484A49B3FB0444598933BC97DEEFeb 5, 2012
4CB492B7DF9B5C170D7C87527940EFF3BMay 19, 2012
2206D18D3785461ADB1D592FBC81E0E67135Jun 27, 2012
28890234A1DE0929A9B898B7C207C9627BC8Aug 25, 2012
310746C98C19F7F3197B56D5158140DA941DOct 26, 2012
2397F4E9758CF14DABA1FD56D329ADF57EDEJan 23, 2013
2875EE1C1F2B6BDBAC6A36168933A62CE6BBFeb 11, 2013
3130705B9ABC2ED3C9F8AC799DC05F624127Feb 17, 2013
2621C7DB3DD88B0651253ADBD8751E3FC2BBMar 9, 2013
2867D2583070F3E2F0025FCDF3FF5BB7AA07Mar 21, 2013
3086D68488EEA651F8472982FF836C2A6389Apr 7, 2013
2558073C31BCACFC469C5FA519B77D7FDC4CApr 17, 2013
3055D696E3AE5B1B46FE32079AC4E4474299Jun 17, 2013
33489628D2B14034890A44C44FC22C56E10FOct 5, 2013
3119AF2B625A10906EF27AA2692DED34934DApr 30, 2016

Why Is It Important to Remove Malware Files?^

It is imperative that you delete malware-associated files as soon as possible because they can be used - or are already being used - to inflict serious damage on your PC, including:

  • Disrupting the normal functioning of the operating system or rendering it completely useless.
  • Hijacking valuable private information (credit card numbers, passwords, PIN codes, etc.)
  • Directing all your Web searches to the same unwanted or malicious sites.
  • Dramatically slowing down your computer.
  • Gaining total control of your PC to spread viruses and trojans and send out spam.

How to Remove bundle.ini^

  1. To enable deleting the bundle.ini file, terminate the associated process in the Task Manager as follows:
    • Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
    • In the Tasks Manager window, click the Processes tab.
    • On the Processes tab, select bundle.ini and click End Process.
  2. Using your file explorer, browse to the file using the paths listed in Location of bundle.ini and Associated Malware.
  3. Select the file and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. Repeat steps 2-4 for each location listed in Location of bundle.ini and Associated Malware.
  6. Notes:

    • The deletion of bundle.ini will fail if it is locked; that is, it is in use by some application (Windows will display a corresponding message). For instructions on deleting locked files, see Deleting Locked Files.
    • The deletion of bundle.ini will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. Request your system administrator to grant you write rights for the file.

Deleting Locked Files^

You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.

After you delete a locked file, you need to delete all the references to the file in Windows registry.

To delete a locked file:

  1. Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
  2. Restart your computer.

The file will be deleted on restart.

Note: In the case of complex viruses that can replicate themselves, malware files can reappear in the same locations even after you have deleted those files and restarted your computer. Exterminate It! Antimalware can effectively eradicate such viruses from your computer.

To remove all registry references to a bundle.ini malware file:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK. The Registry Editor window opens.
  3. On the Edit menu, select Find.
  4. In the Find dialog box, type bundle.ini. The name of the first found registry value referencing bundle.ini is highlighted in the right pane of the Registry Editor window.
  5. Right-click the registry value name and select Delete on the menu.
  6. Click Yes in the Confirm Value Delete dialog box.
  7. To delete all other references to bundle.ini, repeat steps 4-6.
IMPORTANT: Malware files can masquerade as legitimate files by using the same file names. To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of bundle.ini and Associated Malware.