PUA

PUP.Optional.ASK removal instruction

Malware Removal

The PUP.Optional.ASK is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
6-day free trial available.

What PUP.Optional.ASK virus can do?

  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Collects information about installed applications
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
toolbar.ask.com
a.tomx.xyz

How to determine PUP.Optional.ASK?


File Info:

crc32: 9742E2BB
md5: 46df19da9816f9e1f294fe43d2bfb035
name: dfx9Setup-WMP64.exe
sha1: 3141db52e5e1371f240e29af721947ec9fc5c056
sha256: 14d4fdf1b807aa5907ab51c8bd116854524ed4d7c6343763db1e8ab52875177c
sha512: f6cc23e1b5389a76bfaa5bc2f65a8eb6569d5f3c345a2dbd2ae27998308572198226e73a1e3fb04c0289780110916d43745c5b88f37bb288c0dd252aadfb3d1d
ssdeep: 49152:vqg4ZJ+0sS8oOXJ69FT2ipgP1UfHL3PXJE68maIvJVfPQLz3FlnIxD0sMxEqOkws:vqgIs7EF2FWf23n2o/VlIV0n+WW16oYT
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:

LegalCopyright: xa9 Power Technology
FileVersion: 9.208.0.0
CompanyName: Power Technology
LegalTrademarks:
Comments: DFX for Windows Media Player
ProductName: DFX for Windows Media Player
FileDescription: DFX for Windows Media Player
Translation: 0x0409 0x0000

PUP.Optional.ASK also known as:

Kasperskynot-a-virus:WebToolbar.Win32.Asparnet.dnq
JiangminWebToolbar.Asparnet.gx
Endgamemalicious (moderate confidence)
VBA32SigAdware.Ask.com
MalwarebytesPUP.Optional.ASK
ESET-NOD32a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe
IkarusBHO.Win32.Zwangi
FortinetRiskware/Ask
WebrootW32.Malware.Gen

How to remove PUP.Optional.ASK?

PUP.Optional.ASK removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment