Win32/Toolbar.AskSBar potentially unwanted (file analysis)

Win32/Toolbar.AskSBar potentially unwanted is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Toolbar.AskSBar potentially unwanted virus do?

  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Collects information about installed applications
  • Attempts to create or modify a Browser Helper Object

How to identify Win32/Toolbar.AskSBar potentially unwanted?


File Info:

name: 390FE0DA3E7FE8282ADD.mlw
path: /opt/CAPEv2/storage/binaries/caba214509d74c2130d088512a8e69ce82a65c7bdba33bb7d898f6a9d2ae0765
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2007-03-03 10:01:51

Version Info:

0: [No Data]

Win32/Toolbar.AskSBar potentially unwanted also known as:

Bkav: W32.AIDetect.malware1
Lionic: Riskware.Win32.Malicious.1!c
Elastic: malicious (high confidence)
FireEye: Generic.mg.390fe0da3e7fe828
McAfee: Artemis!390FE0DA3E7F
Cylance: Unsafe
K7AntiVirus: Adware ( 004bc80b1 )
K7GW: Adware ( 004bc80b1 )
Cybereason: malicious.bb48d7
Cyren: W32/Mywebsearch.I.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Toolbar.AskSBar potentially unwanted
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Adware.Search-58
NANO-Antivirus: Trojan.Win32.AdInstaller.iupdus
Avast: Win32:Vitro [Inf]
Comodo: ApplicUnwnt.Win32.Toolbar.AskSBar@cp85
McAfee-GW-Edition: BehavesLike.Win32.Infected.gm
Sophos: Generic PUA BC (PUA)
Avira: TR/ATRAPS.Gen
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: PUA:Win32/AskToolbar
GData: Win32.Adware.AdInstaller.E
Cynet: Malicious (score: 100)
AhnLab-V3: Unwanted/Win32.Iwonbar.R25063
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34062.DqW@au5Ii9@T
Malwarebytes: Malware.AI.4182617733
TrendMicro-HouseCall: TROJ_GEN.R002H0CL521
Rising: Trojan.Generic@ML.96 (RDML:LdtIojFnkPCWkSshBxXayQ)
Yandex: PUA.Toolbar!8kelEehIlCk
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Razy.GS!tr
AVG: Win32:Vitro [Inf]
CrowdStrike: win/malicious_confidence_80% (D)

How to remove Win32/Toolbar.AskSBar potentially unwanted?

Win32/Toolbar.AskSBar potentially unwanted removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
