I Didn't ASK For This!
A reader asks: “How do I get rid of the ASK virus that hijacks my browser and configure my computer so I never see it again?? I have internet security software, but that didn't stop it. Is there a way to block ASK so I never have to deal with it again?” |
How to Remove the Annoying ASK.com Malware
I assume we’re talking about Ask.com malware. Technically, it’s not a virus because it does not reproduce and distribute itself. But it’s definitely one of the most irritating, widespread, and hard to eradicate specimens of marketing malware infections euphemistically called “potentially unwanted programs.”
Before I get into getting rid of Ask.com, let me discuss what it is and how it infects computers.
The Ask.com Web site started in 1995 as a Q&A style cross between an encyclopedia and a search engine. It allows users to pose questions in “natural language” and attempts to provide succinct answers from its knowledgebase as well as search results drawn from other sites. Users can also consult each other, similar to Yahoo Answers.
Ask.com was born as AskJeeves.com, “Jeeves” being a fictitious question-answering valet. Jeeves “retired” in 2005 when InterActiveCorp (IAC) bought the AskJeeves business; his name was dropped, leaving just Ask.com. IAC owns about 150 Internet brands including About.com, CitySearch, Dictionary.com, Match.com, Tinder, and Vimeo. Dragging visitors to those sites is the company’s highest priority. The Ask.com malware is IAC’s lasso.
To be fair (although I'm not sure it's deserved in this case) the Ask.com toolbar and related components are not truly a virus. It's not malicious, at least in the sense that it doesn't turn your computer into a spam-spewing zombie, steal your passwords, or lock your files and demand a ransom. But it is a very annoying and difficult to remove example of adware. The prefix "mal" means "bad" so I'm okay with calling it malware.
The Ask.com malware package does three things to victims’ computers. First, it adds the Ask.com toolbar to a victim’s Web browser(s). It also changes a browser’s default homepage and default search engine to Ask.com. Third, and most obnoxiously, search results are dominated by ads for IAC properties and its partners in an ad network.
Uninstalling the toolbar via Windows Control Panel’s “uninstall a program” feature will not reset your homepage and default search engine to their original preferences, nor will it get those sneaky ads out of your search results.
Manually resetting your homepage and search engine works fine until you close and restart the browser. But no matter how many times you do this, the Ask.com changes keep coming back, like a horsefly on a hot summer day. The Ask.com malware bundle hides itself in your operating system much like a rootkit, eluding detection by many anti-malware scanners. It takes special effort and specific tools to eradicate it entirely.
REMOVAL: Here are the Recommended Steps:
Step 1: Uninstall the Ask.com toolbar via Control Panel’s “uninstall a program” feature. That’s not as simple as it sounds. The Ask toolbar program may be masquerading as “VacationXplorer Internet Explorer Toolbar" or something else with "toolbar" in the name. Scroll down the “publisher” column in the list of programs you can uninstall, and remove anything whose publisher is Ask, Mindspark Interactive Network, InterActiveCorp, or APN, LLC.
Step 2: Reset your browser(s) to factory defaults (the original "just installed" settings). See my article, Should You Reset Your Web Browser? for instructions on how to reset Internet Explorer, Chrome, and Firefox.
With apologies to Monty Python, Ask is "not dead yet." Your computer is still infected with the Ask.com malware. After resetting your browsers, do not open any browser until the rest of these steps are completed, or your browser(s) will be hijacked again.
Step 3: Run the free MBAM (MalwareBytes Anti-Malware) utility to root out the Ask.com malware and the changes it made to your registry settings. You can learn about and download MBAM here.
Step 4: With a stubborn infection like Ask.com, it’s always advisable to use two “antibiotics” in case one misses some deeply buried traces. Two good options for a “second opinion” are HitMan Pro and AdwCleaner.
Blocking Future Ask.com Infections
Preventing re-infection with Ask.com malware is a matter of vigilance – yours or your anti-malware software’s. To the best of my knowledge, Ask doesn't sneak in as a "drive-by" download. It does take some user action to "allow" the installation of this nuisance. But it's often bundled with other software that you do want, using carefully hidden pre-checked boxes that give implicit permission.
One high-profile example is Oracle's Java software, which tries to foist the Ask Toolbar on you every time there's a Java security update. Adobe Reader is another culprit. These companies get money from IAC for every Ask install, so they have no incentive to stop (except for the fact that their reputation is further tarnished). See Downloading? Watch Out For These Danger Signs.
You must carefully read every screen of every new program or update that you install on your computer. Be sure to opt out of installing Ask.com and other “bonus” software bundled with what you really want. If you don’t trust your own diligence, use anti-malware software with real-time Web protection. This feature, which goes by other names, monitors Web traffic and your browser, detecting things like Ask.com malware before they’re downloaded and blocking attempts to change your browser settings.
Finally, you should know about Ninite, a nifty tool that automates many software installs, and ensures that you don't get nasty foistware.
Your thoughts on this topic are welcome. Post your comment or question below...
|
|
This article was posted by Bob Rankin on 15 Jan 2015
For Fun: Buy Bob a Snickers. |
Prev Article: Geekly Update - 09 January 2015 |
The Top Twenty |
Next Article: Ransomware Strikes Again - Cryptowall |
There's more reader feedback... See all 36 comments for this article.
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin Subscribe to AskBobRankin Updates: Free Newsletter Copyright © 2005 - Bob Rankin - All Rights Reserved About Us Privacy Policy RSS/XML |
Article information: AskBobRankin -- I Didn't ASK For This! (Posted: 15 Jan 2015)
Source: https://askbobrankin.com/i_didnt_ask_for_this.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "I Didn't ASK For This!"
(See all 36 comments for this article.)Posted by:
Mike
15 Jan 2015
I recently began using small utility called Unchecky which is great at UNchecking all of those unnoticed boxes(from Java, Adobe, etc.) which would enable unintentional downloads of ASK (and other PUP's). It has also warned me when I thought I was agreeing to a continuation of a wanted download that I needed to decline this section because it was now allowing something else. It has saved my keister a number of times...I love it!
Posted by:
Carole
15 Jan 2015
That was a very interesting article about Ask.com. I wasn't aware that the website has been sold 10 yrs. I haven't had any problem with my browser. After reading your article, you can be assured I won't use it again. Thank you for sending out an email regarding this website.
Posted by:
Ed
15 Jan 2015
You must download malwarebytes BEFORE cleaning the browser. Otherwise it is impossible to not use the browser until after running Malwarebytes. (unless it is already on the system)
Posted by:
Jim Vandermaas
15 Jan 2015
On Outlook I always see the button for 'unsubscribe'. I believe this is required by law. Why isn't ask.com also required to do this. How about equality under the law. If they make it hard to be free then aren't they kidnapping my computer? By the spirit of the law this sounds illegal.
Posted by:
Robert
15 Jan 2015
Hi Bob, can you let us know how to get rid of Trovi Toolbar?
Also the many PopUps that state we need to update something, which are really Malware.
Thanks.
Posted by:
Bob
15 Jan 2015
Bob, this is strictly "off-topic", but when I tried to link to your new Backups Ebook from this topic, this is where it took me.
http://rankinfile.com/
EDITOR'S NOTE: Sorry about that. The correct link should be http://data-diisaster.com
Posted by:
Jeff
15 Jan 2015
Well, once again you've knocked it out of the park!Now I've gotta print this one out and put it in my computer fix-it binder for future reference.
Haven't personally had any problem with this, but I have seen the pre-checked boxes on software installs.
Great tip on the "alternative anti-biotics" - I'll be looking into those also!
Posted by:
Martin Gouldthorpe
15 Jan 2015
Thank you Bob for another splendid article. I have been so helped by your wise advice. Thanks also to many who have posted additional pieces of advice and recommendations. I recently somehow picked up a PUP. Malwarebytes was the programme that cleared it out.
Posted by:
Charles
15 Jan 2015
One word comment... THANKS
Posted by:
Charles
15 Jan 2015
I use a slightly different way to remove garbage like ASK.
I use mithicsoft- File Locator Pro. It will find anything on your computer and then open or delete.
Perhaps dangerous, but it works for me and so far (several years of usage) it hasn't done any damage.
Posted by:
tony
16 Jan 2015
Hi Bob, nice explanation about ask.com and its related.
IMHO AdwCleaner is enough to get rid ASK.com (toolbar, homepage browser, default search).
or simply I use Avast browser cleaner.
Posted by:
MmeMoxie
16 Jan 2015
In one of your earlier articles, about PUP's ... I learned about Unchecky, from one of your readers. I checked it out and immediately, installed it on my own computer!!!
I was and still am, very impressed with this small coded program. It doesn't take up any real space and simply WORKS!!!
As for removing any malware, that might get on my computer ... stuff, still just happens ... I use Privazer, Malwarebytes, CCleaner and Glary Utilities to remove it or them. It really depends on how bad the malware is. Oh, I know, malware is malware. However, there are various levels of malware. Some can be removed, rather easily ... While others, it almost takes an Act of Congress, to remove it or them!!!
When, I have a malware, extremely difficult to remove ... I will use Privazer, to help with cleaning out my browser and what just might be in some of my computer files. Then, I will use Malwarebytes, then CCleaner and finally, Glary Utilities. When I am done and know that I don't have any malware left ... I will Defrag and Optimize my computer, to get it back up to snuff.
But, in all honesty ... I first defense against malware is Unchecky. I have found, that it really does work and helps me to not have to do a whole removal regime!
Bob, you have been my mentor, by routinely reporting to us, about what good programs are out there, to protect us, from our own human failings. Thank you, once again, for all that you do, in helping us to help ourselves!!!
Posted by:
GerryR
16 Jan 2015
1) AdwCleaner not only gets rid of malware - it also uninstalls perfectly good programs. Therefore it should only be a last choice.
2) JRT (Junkware Removal Tool) is a wonderful DOS program which does just what its name says it does, and it does it very well without the unfortunate side effects of AdwCleaner. RogueKiller used to be a valuable tool in the arsenal against malware but the author sold out and now this program installs the ASK toolbar. Fortunately I have an older copy of this very powerful program from before he sold out to the"forces of evil".
3) Both Ninite (which only installs freeware) and unchecky are valuable tools in anyone's arsenal. SUPERAntiSpyware gets rid of PUPs. If, as I do, one uses Chrome and Gmail it also temporarily gets rid of Chrome's tracking cookies, but Google is not to be denied. While Chrome and Gmail are very secure against outside malware, they load you up with their own trackers in moments.
Posted by:
Bob Greene
16 Jan 2015
RevoUninstaller is free, and has been very good at removing some of the worst "Ask"-league offenders. However, using MalwareBytes is also essential, just to be sure.
RevoUninstaller is useful for also non-malware which simply does not uninstall itself completely, leaving folders and other traces in the system.
Whenever I have the slightest question about whether an uninstallation went correctly, I use RevoUninstaller. This judgment is based on having been completely satisfied, but without having tried other applications.
Posted by:
Noémia Cravo
16 Jan 2015
I'm Portuguese and badly understand computers but I want to say: THANK YOU VERY MUCH, BOB!!! Your blog it's being very useful to me. Thank you once more!
Posted by:
JDuncan
16 Jan 2015
The easiest thing I found is the Ask.com Removal Tool at: http://apnmedia.ask.com/media/toolbar/utilities/ApnRemover.exe This seems to get it all out in one fell swoop.
Posted by:
Techy Librarian
16 Jan 2015
The best way to avoid the ASK assimilation is to simply read the installation windows that pop up during installation and/or update of certain popular software (like Java and Adobe). Read, uncheck, and avoid the hassle!
Posted by:
RandiO
16 Jan 2015
"Once Bitten Twice Shy" answer should also include to never click on a google link that is sourced from ask.com website! I've been lucky enough to never being hit by this issue!
Posted by:
pshaw
16 Jan 2015
I managed to get rid of Ask.com. I got rid of the constant PUP crap. Now if you'd please tell me how to get rid of Vosteran. MBAM catches it every day. I want it gone.
Posted by:
Robert
19 Jan 2015
Good advice as usual. MBAM should be one of the first programs one installs on any new computer right of the bat.
And I'm going to repeat a comment I made in another one of your discussions:
When installing a new softare download, if a dialog box pops up with "Standard Install (recommended)" and "Custom Install" (or similar wording), ALWAYS pick "Custom." If you do a little investigation you usually find the "Standard" (often also labeled "recommended") install includes such foistware/malware goodies like those unwanted toolbars and search engines. Obviously an attempt to "bury" the crapware in hopes the "typical" user (AKA victim) makes the mistake of trusting the source...