OFFER*Source of claim SH can remove it.
The following article is dedicated to the removal of Maxask.com. We will also list some common related malware infections before the guide, in case your PC is clogged up with several PUPs and you are cannot distinguish between legitimate apps and those related to the problem.
What is Maxask?
Maxask is what’s known in the anti-malware community as a browser hijacker, a type of malicious software that changes the settings of web browsers with no notification or consent. To be exact, this one reroutes all your searches to the Maxask.com domain. Whether this infects all searches or changes the homepage just once is debatable, since our research discovered the infection uses different vectors (methods) for Chrome and Edge and doesn’t behave the same way in the browsers.
In the simplest terms, Maxask is a site brought from the ground up by malware creators to generate ad revenue by promoting banners through its search. It’s the most commonly spotted type of redirect in the security business. The search itself is a modified version of Google and for most searches will behave normally. But Maxask.com is, in essence a “bad” idea, since it change from day to day depending on who buys ad space in the searches – and that may be a creator of legitimately scary malware like the Veza Virus, for example.
Is Maxask Dangerous?
Maxask doesn’t appear to be particularly aggressive in injecting ads, so it is among the less dangerous types of browser hijackers. But that sounds pretty misleading in itself – when maxask.com is found on a user’s device, it indicates a fundamental breach of security and privacy. This hijacker can not just disrupt browsing activities, it opens the door for criminals to infect your system with worse things if they decide to promote ads on the rogue engine.
This is the fundamental problem, and herein lies the danger. On platforms like Google Ads and Bing Ads, there are standards and oversight, and culpability if you do something wrong. You can’t just promote whatever you want however you want without facing repercussions. But places like Maxask take the money hand over fist and don’t look at anything because they are designed to make as much money the quickest possible. Then when they get a bad reputation, the domain will be abandoned, and on to the next one.
A worse effect of what I just said is that if non tech savvy people engage with these results enough, they can end up installing something else, even without noticing completely. Stuff like installers, apps and fake downloads are easy to spot, but what if you want to install an extension from the Google store, for example? The problem is that you can’t rely that what you are seeing is the legitimate and real version you would’ve seen without the infection. And if you install additional malware, all bets are off – your PC will be in much worse shape.
Examples of how Maxask Behaves
When we researched Maxask, the following thing happened to us. We entered a promoted website that appeared in the search for the word “game”, but was a rather shabby online casino. It immediately asked for permission to send us notifications, which we did not agree to, but maybe there are users who will.
At this point, let’s say you are not very computer literate and you click “Allow”. The page’s small print directed us to an agreement that we will opt-in to receive promotional SMS messages for which WE will pay, and we can’t opt-out with fewer than 6 messages. That’s 10$ on the mobile bill for something we were not told in any way. This constitutes a scam. Normally, such a website wouldn’t even appear on a reputable engine.
How Maxask Finds Its Way Into Your Computer
The most common way to spot Maxask.com is to observe whether your search results originate from Google. Another easy tell is if search results are riddled with advertising beyond what’s normal for Google’s sponsored links, as in the ads look different from normal, or appear on hyperlinked words on pages.
But for how it got there in the first place? Our research showed us that some benign browser extensions which users used for for months or years suddenly began enforcing Maxask as a search engine. The ones users reported are Full Screen Capture and Smart Download Video, but this is in no way an exhaustive list. Normally, hijackers can take other routes. In this case, it appears they just bought small free extensions.
I highly doubt the two names I mentioned are the only ones, and you shouldn’t rely on these names in any case. Sometimes hijackers straight up change the names of extensions or install new ones you’ve never seen before.
There are many other channels for hijackers, like Boyu.com.tr and Chromstera, to get installed but we haven’t seen Maxask rely on any of them. Still, it’s good to know thy enemy in case things change. Such methods include bundling with shareware software – basically the app version of what happened with the extensions we mentioned above. In these cases users unknowingly allow hijackers in when they hurriedly go through installation steps and forget to deselect optional offers. I’ve personally been asked a couple of times to install the Opera browser this way.
Phishing is another method that works, but only through someone who is already infected. At that point a hijacker can send WhatsApp messages and the like to contacts of the infected user, and if someone clicks a link, they immediately install the bad stuff as well.
SUMMARY:
| Name | Maxask |
| Type | Adware/Browser Hijacker |
| Detection Tool | We tested that SpyHunter successfully removes parasite* and we recommend downloading it. Manual removal may take hours, it can harm your system if you re not careful, and parasite may reinstall itself at the end if you don't delete its core files. |
*Source of claim SH can remove it.
Remove Maxask Virus
To try and remove Maxask quickly you can try this:
- Go to your browser’s settings and select More Tools (or Add-ons, depending on your browser).
- Then click on the Extensions tab.
- Look for the Maxask extension (as well as any other unfamiliar ones).
- Remove Maxask by clicking on the Trash Bin icon next to its name.
- Confirm and get rid of Maxask and any other suspicious items.
If this does not work as described please follow our more detailed Maxask removal guide below.
If you have a Windows virus, continue with the guide below.
If you have a Mac virus, please use our How to remove Ads on Mac guide.
If you have an Android virus, please use our Android Malware Removal guide.
If you have an iPhone virus, please use our iPhone Virus Removal guide.
Some of the steps may require you to exit the page. Bookmark it for later reference.
Next, Reboot in Safe Mode (use this guide if you don’t know how to do it).
Uninstall the Maxask app and kill its processes
The first thing you must try to do is look for any sketchy installs on your computer and uninstall anything you think may come from Maxask. After that, you’ll also need to get rid of any processes that may be related to the unwanted app by searching for them in the Task Manager.
Note that sometimes an app, especially a rogue one, may ask you to install something else or keep some of its data (such as settings files) on your PC – never agree to that when trying to delete a potentially rogue software. You need to make sure that everything is removed from your PC to get rid of the malware. Also, if you aren’t allowed to go through with the uninstallation, proceed with the guide, and try again after you’ve completed everything else.
- Uninstalling the rogue app
- Killing any rogue processes
Type Apps & Features in the Start Menu, open the first result, sort the list of apps by date, and look for suspicious recently installed entries.
Click on anything you think could be linked to Maxask, then select uninstall, and follow the prompts to delete the app.
Press Ctrl + Shift + Esc, click More Details (if it’s not already clicked), and look for suspicious entries that may be linked to Maxask.
If you come across a questionable process, right-click it, click Open File Location, scan the files with the free online malware scanner shown below, and then delete anything that gets flagged as a threat.
After that, if the rogue process is still visible in the Task Manager, right-click it again and select End Process.
Undo Maxask changes made to different system settings
It’s possible that Maxask has affected various parts of your system, making changes to their settings. This can enable the malware to stay on the computer or automatically reinstall itself after you’ve seemingly deleted it. Therefore, you need to check the following elements by going to the Start Menu, searching for them, and pressing Enter to open them and to see if anything has been changed there without your approval. Then you must undo any unwanted changes made to these settings in the way shown below:
- DNS
- Hosts
- Startup
- Task
Scheduler - Services
- Registry
Type in Start Menu: View network connections
Right-click on your primary network, go to Properties, and do this:
Type in Start Menu: C:\Windows\System32\drivers\etc\hosts
Type in the Start Menu: Startup apps
Type in the Start Menu: Task Scheduler
Type in the Start Menu: Services
Type in the Start Menu: Registry Editor
Press Ctrl + F to open the search window
Remove Maxask from your browsers
- Delete Maxask from Chrome
- Delete Maxask from Firefox
- Delete Maxask from Edge
- Go to the Chrome menu > More tools > Extensions, and toggle off and Remove any unwanted extensions.
- Next, in the Chrome Menu, go to Settings > Privacy and security > Clear browsing data > Advanced. Tick everything except Passwords and click OK.
- Go to Privacy & Security > Site Settings > Notifications and delete any suspicious sites that are allowed to send you notifications. Do the same in Site Settings > Pop-ups and redirects.
- Go to Appearance and if there’s a suspicious URL in the Custom web address field, delete it.
- Firefox menu, go to Add-ons and themes > Extensions, toggle off any questionable extensions, click their three-dots menu, and click Remove.
- Open Settings from the Firefox menu, go to Privacy & Security > Clear Data, and click Clear.
- Scroll down to Permissions, click Settings on each permission, and delete from it any questionable sites.
- Go to the Home tab, see if there’s a suspicious URL in the Homepage and new windows field, and delete it.
- Open the browser menu, go to Extensions, click Manage Extensions, and Disable and Remove any rogue items.
- From the browser menu, click Settings > Privacy, searches, and services > Choose what to clear, check all boxes except Passwords, and click Clear now.
- Go to the Cookies and site permissions tab, check each type of permission for permitted rogue sites, and delete them.
- Open the Start, home, and new tabs section, and if there’s a rogue URL under Home button, delete it.
Leave a Comment