MaxAsk is a fake search engine that gets promoted and added to Edge, Chrome, and other browsers with the help of hijacker extensions like CelestialQuasaror, NebulaFractica, and others. I first learned about its existence almost half a year ago and made this post to explain how to remove it from the browser. I then assumed it had died out and been replaced by other similar sites.
Update 15/11/2024: Maxask currently redirects to an infected version of Bing, for which you can read more on this page. In few words, the details have changed a bit, but this shouldn’t confuse you. The removal method we outlined below still works (we tested it today). Some new extensions used by Maxask.com include Super Volume Booster, Cleanup Master Cleaner, X Cleaner, One Click Translate, Font Finder 2000, PIP (picture in picture), Fresh Cleaner, Supreme Copy, RealTwit, iTab, TabColor color picker, Color Picker, Spark YouTube AdBlock, Smart download video, Full screen capture, Full Page Screen Capture Master. As always, your best chance for removal is to remove the entire extensions folder and start clean/and or repair only the extensions you know are safe. We describe all of this in the removal tutorial for Maxask.
However, turns out MaxAsk is still around and users are constantly getting it added to their browsers as their new default search engine even though nobody wants it.
Maxask.com has poor search functionality that hardly veils its true purpose – to collect your browsing data and promote various obscure sites in its search results. And the most annoying part is that you are often not allowed to remove it from the browser and restore your preferred search provider.
Maxask Removal Tutorial
MaxAsk is typically very stubborn and doesn’t go down without a fight. Its removal requires admin privileges for some folders and the ability to delete or change them (e.g. the browser’s extensions folder is locked unless you have these privileges. But if you can manage that, you can delete it by just restoring youbrowser settings and deleting unwanted extensions, so you should try that first:
- Go to Chrome, Edge, or whatever other browser is under the effects of the hijacker.
- Click the browser’s menu and then go to Settings.
- First open the Extensions page and look through the add-ons installed there.
- Look for anything unfamiliar that could be linked to MaxAsk and click its remove button to uninstall it. Some of the extensions that you could potentially find there are CelestialQuasaror, NebulaFractica, and NebulaNanoel, AstralPlasmor but the culprit could also be something else.
- Now go to the Search Engine section, remove MaxAsk and replace it with a reliable search engine provider, such as Google or Bing.
After you perform these quick steps, restart your browser and see if things are back to normal. Try searching for something in your browser search/URL bar. If the search is handled by the search engine of your choice, it means MaxAsk is likely gone and there’s no need to continue with the more advanced steps.
If instead the hijacker problem persists, don’t worry about it. It’s to be expected. Just proceed to the detailed steps you’ll find next and perform them exactly as they are shown. Once you are done with the advanced guide, there should be no trace of MaxAsk left in your browser or system.
SUMMARY:
OFFERI can help you manually delete the hijacker, but you might have other malware in your system that has installed MaxAsk in your browser. If that is truly the case, you’ll have to delete that malware too, or the hijacker could get reinstated in your browser.
I don’t know what rogue app got you MaxAsk, so I can’t offer manual instructions on how to delete it. However, you can still use a professional removal tool to take care of any malware in your system. Spy Hunter 5, the tool you’ll find on this page, is a good option for such situations and I highly recommend it when trying to deal with annoying hijackers and any other malware linked to them.
How to Delete Maxask.com from Edge and Chrome
If Maxask wasn’t removed the easy way, as described above, it means it is relying on persistence techniques to make its removal more difficult. This indicates it either uses special policies or registries to lock you away from changing it. In more depth:
One such technique is leveraging the browser enterprise policies feature that some Chromium browsers have (including Google Chrome and Microsoft Edge).
To see if there’s such a policy in your browser, just click its menu and look at the bottom. Do you see a message stating “Managed by your organization” or something similar? If yes, then the hijacker has applied its policy and you must remove it.
First, you need to gather some info:
If you are using Chrome, go to this URL in the browser chrome://policy.
- Note: For Edge, Brave, or other Chromium browsers that have the policies feature, just replace “Chrome” with the respective browser name when typing the URL.
If you see any active policies on the page that opens, check their values and if there’s a value that looks like a random sequence of letters, copy it, then save it where you can access it later.
Save all values you deem suspicious.
You must now go to the Extensions section of your browser.
You may get redirected to Google or MaxAsk.com when trying to open the Extensions page. If that happens, perform these steps:
Navigate to: C:\Users\YourUser\AppData\Local\Google\Chrome\User Data\Default\Extensions.
You’ll find folders with strange names that look similar to the policy values you found earlier. These folders represent the extensions in your browser, including any rogue ones that must be removed.
Since you have no way of knowing which folder belongs to which extension, you must delete them all. This will corrupt both the rogue and the legitimate ones, but the latter can be repaired very easily once you are done removing MaxAsk.
Now you can return to the Extensions Manager in the browser. Once there, turn on Developer Mode. Now look at rogue extensions or extensions linked to Maxask and pay attention to their ID numbers. If the ID isn’t shown, click the extension and you’ll see it on the next page.
Like with the policy values, copy and save those IDs
Video walkthrough for this step:
Delete MaxAsk.com Items From the System Registry
Maxask can now safely be removed from your system registry before proceeding further. Make sure you don’t restart your PC for now, or the hijacker may erase what you just did in the previous steps.
You can access the registry by pressing Win + R, typing regedit, and pressing Enter.
Next, press Ctrl + F, to open the search box, and search for the policy value from earlier.
If the search finds anything (which it should), delete the key that contains it. The key is the registry folder you’ll see on the left.
Run the search again, delete the next key, and keep doing this until the search stops finding more results.
Then move on to the next policy value or to the IDs you got from the Extensions Manager.
Sometimes, hijackers make their registry keys inaccessible, which prevents their deletion. Here’s the solution:
You must Right-click on the parent of the one you are attempting to delete.
Then go to Permissions > Advanced > Change.
Type the word “everyone” in the text field, click Check Names, then click OK.
Check the two newly-appeared options, then click Apply and OK. The key will now be under your control and you’ll be able to delete it.
Video walkthrough for this step:
Other Ways to Get Rid of Maxask Virus Policies
If the Registry cleanup didn’t get the job done or if you aren’t confident enough to tinker with registry keys, here are two alternative variants that can let you get rid of rogue MaxAsk policies.
Search for the Group Policy Editor in the Start Menu and open it.
Look for the Administrative Templates item in the left panel (it’s under Local Computer Policy > Computer Configuration). Right-click on it and open Add/Remove Templates.
Now eliminate everything in the next list. No need to keep any of the items there, unless you’ve intentionally added them yourself.
If you are trying to remove MaxAsk from your Chrome browser, you can also try using the Chrome Policy Remover tool. This is a free app that runs a simple script which deletes all Chrome policies in only a couple of seconds.
Download the tool from the link I’ve provided, then run it as an Admin.
If it triggers a warning from Windows, just click “More Info” and then select “Run Anyway“. The tool is perfectly safe, so no need to worry.
Once the Chrome Policy Remover opens, it will automatically execute its script and any policies still in the Chrome browser will be removed.
Video walkthrough for this step:
Manual Group Policy Removal
Automatic Group Policy Removal
How to Remove Maxask From Edge
In the case of Microsoft edge the only thing left to do now is clean Maxask from your browser. To do that navigate to the extensions tab you probably saw earlier.
Start by going to the browser menu and opening Settings.
First, revisit the Extensions page. You already know the drill – look for CelestialQuasaror, NebulaFractica, NebulaNanoel, AstralPlasmor, or any other sketchy extensions and delete them.
Onto the Privacy and Security tab.
First, click Delete browsing data > Advanced, and put ticks in everything except the passwords box.
Then set the time range to All time and delete the data.
Next up is Site Settings (it’s also in the Privacy and Security section). In it, check each permission category and delete from it any rogue sites.
Obviously, also check the Search Engine settings. Make sure the default search tool of the browser is something reliable and not MaxAsk.
Don’t forget to open Manage Search Engines to delete MaxAsk from there along with any other unfamiliar sites.
You should also remove suspicious URLs from the On Startup and Appearance tabs to fully clear the browser.
Video walkthrough for this step:
Chrome
Microsoft Edge
Mozilla Firefox
How to Remove the Maxask Malware
As I said earlier, MaxAsk might not be the only rogue thing on your PC that you need to remove. Hijackers like it are mainly distributed with the aid of rogue software bundled with stuff you may have willingly downloaded.
For example, some malware app could have been installed on your PC after you’ve downloaded some free open-source program from an unverified developer. And if that malware isn’t taken care of, it could continue to bother you and add unwanted extensions and search engines to your browser.
For this reason, I also recommend that you go to your Start Menu, type Apps & Features, open it, and uninstall any suspicious programs listed there.
Unfortunately, that’s not always enough, so if you still think there might be malware or PUPs (potentially unwanted programs) on your PC, it’s best if you use Spy Hunter to run a full system sweep and eradicate anything that shouldn’t be there.
Leave a Comment