Ask Ali browser extension (fake) - Free Guide

What is Ask Ali browser extension?

Ask Ali extension pretends to provide shopping services to gain control over browsers

Ask Ali bombards users with pop-ups, banners, and redirects

Ask Ali browser extension is promoted to be “one of the most prominent online shopping services.” In reality, the plugin does not provide any helpful functions to users. Instead, it starts generating advertisements, like pop-ups, banners, and redirects. Because the creators do not care about user privacy or security they may use rogue advertising networks that display ads leading to dangerous websites.

The name and logo of the app imply that it is associated with AliExpress – an online retail service. But it is important to state that AliExpress or Alibaba Group have nothing to do with this fraudulent campaign. Crooks often use well-known company names to make them seem legitimate and gain trust. You may often see messages like “Recommended by Chrome” or that an extension was created in collaboration with a big company like Google.

Such applications aim to make a profit from users' clicks. That can be done by placing ads containing affiliate links or promoting scams and PUPs (potentially unwanted programs),^[1] or even malware. Another way that fraudsters can make money is by monitoring users' browsing activities. They can later sell the collected data to third parties.

Distribution methods

Ask Ali, in particular, was found to be distributed through a number of channels. First of all, it was found on the official Chrome web store. Although it is rare, some browser hijackers sneak through an extensive review process. We always recommend our readers to only use official sources but you should also do your research.

Read the reviews, look at the ratings, and the number of users. It is best to choose those extensions that have plenty of feedback. You can also enter the name of the plugin into the search and see what results come up. You might notice, that if you enter the name of a browser hijacker, there is not much information you can find.

You might have also been infected with this PUP by browsing through shady websites. They often engage in illegal activities and are full of deceptive ads and sneaky redirects because they are unregulated. Suspicious-looking pages may show up rushing you to download a plugin because “Your PC is at risk”, etc. There are many social engineering methods crooks use to convince people to press the “Download” button.

Another possibility is that Ask Ali was added by adware. It is a type of program that acts in the background without the users' knowledge. It can cause an increase of commercial content on the machine and collect revenue with PPC advertising.^[2] Depending on the type of infection, you might have to apply different removal methods which are listed down below.

Ask Ali was found to be spread through multiple sources

Start the removal

The first thing you should do is go to your browser settings and check if you see any extensions with a similar name or suspicious-looking add-ons in general. You can follow our guide if you need help:

Google Chrome

• Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
• In the newly opened window, you will see all the installed extensions. Uninstall all the suspicious plugins that might be related to the unwanted program by clicking Remove.

MS Edge:

1. Select Menu (three horizontal dots at the top-right of the browser window) and pick Extensions.
2. From the list, pick the extension and click on the Gear icon.
3. Click on Uninstall at the bottom.

MS Edge (Chromium)

• Open Edge and click select Settings > Extensions.
• Delete unwanted extensions by clicking Remove.

Mozilla Firefox

• Open Mozilla Firefox browser and click on the Menu (three horizontal lines at the top-right of the window).
• Select Add-ons.
• In here, select unwanted plugin and click Remove.

Safari

• Click Safari > Preferences…
• In the new window, pick Extensions.
• Select the unwanted extension and select Uninstall.

Elimination of PUAs

If the previous removal method did not get rid of the intruder, you most likely have an unwanted program performing tasks in the background. In this case, simply removing the plugin from the browser will not help, and the application will keep messing up the settings until you completely eliminate it from your system.

Identifying the program responsible for hijacking your browser might be difficult if you have never done this before and if it is not named the same as the plugin. It could be disguised as an antivirus, image editing software, or anything else. If you are not sure what to do and you do not want to risk eliminating the wrong files, we suggest using SpyHunter 5Combo Cleaner or Malwarebytes security tools that will scan your machine, eliminate it, and prevent such infections in the future by giving you a warning before a malicious program can make any changes.

If manual removal is what you prefer, we have instructions for Windows and Mac machines:

Windows 10/8:

1. Enter Control Panel into Windows search box and hit Enter or click on the search result.
2. Under Programs, select Uninstall a program.
3. From the list, find the entry of the suspicious program.
4. Right-click on the application and select Uninstall.
5. If User Account Control shows up, click Yes.
6. Wait till uninstallation process is complete and click OK.

Windows 7/XP:

1. Click on Windows Start > Control Panel located on the right pane (if you are Windows XP user, click on Add/Remove Programs).
2. In Control Panel, select Programs > Uninstall a program.
3. Pick the unwanted application by clicking on it once.
4. At the top, click Uninstall/Change.
5. In the confirmation prompt, pick Yes.
6. Click OK once the removal process is finished.

Mac:

1. From the menu bar, select Go > Applications.
2. In the Applications folder, look for all related entries.
3. Click on the app and drag it to Trash (or right-click and pick Move to Trash)

To fully remove an unwanted app, you need to access Application Support, LaunchAgents, and LaunchDaemons folders and delete relevant files:

1. Select Go > Go to Folder.
2. Enter /Library/Application Support and click Go or press Enter.
3. In the Application Support folder, look for any dubious entries and then delete them.
4. Now enter /Library/LaunchAgents and /Library/LaunchDaemons folders the same way and terminate all the related .plist files.

Now that your machine is clear from intruders, you should get rid of all the data that might have been collected about you, while it was in your machine. For this, you need a different tool – FortectIntego, which is a multi-purpose maintenance software. It will fully clear your browsers from cookies^[3] and cache, which will result in better performance of your machine. Besides that, it can be useful in fixing various more complicated system errors that are caused by corrupted files, registry issues, etc.

The next time you are trying to download freeware, make sure to be very careful, and not rush. Be sure to choose “Custom” or “Advanced” installation methods, read the Terms of Use and Privacy Policy, and most importantly, check the file list up for installation – if you see any files that seem out-of-place, untick the boxes next to their names. This is the most you can do during the installation. Keep in mind, that the program itself, that you are trying to install, can be a PUP.