Adware:Win32/Hotbar malicious file

The Adware:Win32/Hotbar is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Adware:Win32/Hotbar virus can do?

Sample contains Overlay data
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Adware:Win32/Hotbar?


File Info:
name: 432629BD997BF75BA238.mlw
path: /opt/CAPEv2/storage/binaries/c4805c066b3d69adb51ad4c8f4454f13c17d7ec128fffe8d3de1719eaa2dbc31
crc32: AF5B2797
md5: 432629bd997bf75ba2389adf008bf6a0
sha1: 62c3b01907e7b6bbd5e34e3a6137d9a9fa2766ce
sha256: c4805c066b3d69adb51ad4c8f4454f13c17d7ec128fffe8d3de1719eaa2dbc31
sha512: 84feef696abc3af76ec96bf91159e023e62b56f9f06b8eae451e189d67ea406b45d4f946caebd042abe1dd1c4fbc1ff71055e610cd5d11aee6f6b41096e2469c
ssdeep: 1536:JmURJAcWLuk4+9/uxUeQEMwmP4ZdyEOpM6OtqXYhaf8xOjIfeL:4URqcWLujxUvEmPfEOp9MqAafbxL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17EA38D177BD6C0B9C1E201B2DA41C7B9A7A3BA748F368903FA58070D763C695473E789
sha3_384: 97028e3fb39fddb215a4d7a36c65a3ad835c8f6403efe99a267aa4dc28df4b3936d83b6164c1347be68ee5628eba6228
ep_bytes: 
timestamp: 2011-05-20 21:07:11

Version Info:
0: [No Data]

Adware:Win32/Hotbar also known as:

Bkav	W32.AIDetectMalware
DrWeb	Adware.Hotbar.1028
MicroWorld-eScan	Trojan.GenericKD.40351294
FireEye	Trojan.GenericKD.40351294
Malwarebytes	Malware.AI.2555285833
Sangfor	Suspicious.Win32.Save.a
Cybereason	malicious.d997bf
Symantec	Trojan.Gen.MBT
Elastic	malicious (moderate confidence)
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Trojan.GenericKD.40351294
Emsisoft	Trojan.GenericKD.40351294 (B)
F-Secure	Adware.ADWARE/Frozen.A
VIPRE	Trojan.GenericKD.40351294
McAfee-GW-Edition	BehavesLike.Win32.Generic.nh
Trapmine	suspicious.low.ml.score
Sophos	Generic Reputation PUA (PUA)
GData	Trojan.GenericKD.40351294
Avira	ADWARE/Frozen.A
Antiy-AVL	GrayWare[AdWare]/Win32.HotBar
Xcitium	Heur.Corrupt.PE@1z141z3
Arcabit	Trojan.Generic.D267B63E
Microsoft	Adware:Win32/Hotbar
Google	Detected
ALYac	Trojan.GenericKD.40351294
MAX	malware (ai score=89)
Rising	Trojan.Generic@AI.98 (RDML:4iux8X3Yeing/lMuSL/jZQ)
Ikarus	AdWare.Win32.HotBar
Fortinet	W32/PossibleThreat
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_60% (W)

How to remove Adware:Win32/Hotbar?

Adware:Win32/Hotbar removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X