Exterminate It! Antimalware

malpedia

Known threats:688,080 Last Update:December 14, 08:29

Testimonials

Dear Exterminate It,
I just wanted to take a moment to say thank you.
Your response and the update has fixed my problem.
I have spent several weeks fiddling around trying to resolve it, and could not and my previous Anti-Virus program could find it but not fix it.

THANK YOU, THANK YOU, THANK YOU!!!

Sincerely yours,
Bountiful, Utah

David S. B.

File: Ask.xml

Location of Ask.xml and Associated Malware

Check whether Ask.xml is present in the following locations:

Ask.xml file locations that are Windows version independent:

  • C:\Program Files\mozilla firefox\browser\searchPlugins\Ask.xml
  • [%PROGRAM_FILESX86%]\Mozilla Firefox\browser\searchplugins\Ask.xml

Windows 2000, Windows XP, Windows Server 2003 specific Ask.xml file locations:

  • C:\Documents And Settings\USER_NAME\Application Data\Mozilla\Firefox\Profiles\x77bntj6.default\searchplugins\Ask.xml
  • C:\Documents And Settings\USER_NAME\Application Data\Mozilla\Firefox\Profiles\su237o0w.default\searchplugins\Ask.xml
  • C:\Documents And Settings\USER_NAME\Application Data\mozilla\firefox\profiles\[%PROFILE_FOLDER%]\searchplugins\Ask.xml

Windows Vista, Windows Server 2008, Windows 7, Windows 8 specific Ask.xml file locations:

  • C:\Users\USER_NAME\AppData\Roaming\Mozilla\Firefox\Profiles\x77bntj6.default\searchplugins\Ask.xml
  • C:\Users\USER_NAME\AppData\Roaming\Mozilla\Firefox\Profiles\su237o0w.default\searchplugins\Ask.xml
  • C:\Users\USER_NAME\AppData\Roaming\mozilla\firefox\profiles\[%PROFILE_FOLDER%]\searchplugins\Ask.xml

If you find Ask.xml file in any of these locations, your computer is very likely to be infected with the following malware:

IMPORTANT: Malware files can be camouflaged with the same file names as legitimate files. The Ask.xml file is associated with malware only if found in the locations listed above.

Notes:

Different Variations of Ask.xml File^

File SizeFile Md5Last Seen
266413EA21AEE7EED04BB07FF08BF99EA114Feb 18, 2017
26643F7E0C6C5367CCDD38D6A5E869CAD6DEFeb 20, 2017
2666BCA4B91CF5BC2B4FE5CF46CCA2AED3EDFeb 22, 2017
26643FB9DE2C11EFE6A5784EA3ED7838EB66Feb 23, 2017
2664FFCE1ED3AC93BDE538593071E124F179Feb 24, 2017
266440D06ED3F4509D98335811F0D0658E65Mar 2, 2017
266422D6504AE504D15F2ED4805F736DF124Mar 15, 2017
2662569FA01F868FE3F02E0650ED87A3603CMar 21, 2017
26644DBD8D69643BF966CCB3254DFC380ECCApr 1, 2017
266456603DDAA436F74A1500E8066E7C889EApr 2, 2017
26645625FB94739151648520EDBDF6E4C562Apr 11, 2017
2664E93E82FE21879D70B99DED181E2A0F2EApr 11, 2017
2664A8F18DEB726C93D4CFDD78E175BA792AApr 18, 2017
26661009219F1F46619A2339ACC8FD29D109Apr 23, 2017
266696C9CEFDEFFF23F84508F451CAB5399EApr 24, 2017
26644935F785A9DA25B70189B6F134F96563Apr 29, 2017
26623A6420EAAAB38F257E2F4D8306215D57May 12, 2017
26662B15527E99A1934A2EB0E552E21C277EMay 12, 2017
26641A61B8DD897558499BB5DB2C0A5B7334May 13, 2017
2660BA6CE3FF3E817272FA95B8FF0FD50A6FMay 15, 2017
2662C05C3200FC5D2ACCC5CA6EF1FD6F8AF5May 17, 2017
2662955C9EC25A3C44533860C607CE9961C4May 17, 2017
2664BD528806B47426B640E46D171153305EMay 19, 2017
26609AACA83357F17AE60BCE1F5DC020253AMay 20, 2017
2664368F7184167A17E82DA9FEFB24591117May 22, 2017
2664007714B12A5D4EDE647D97176B2DAAFDMay 23, 2017
26646C458B50FF383F42670CF538566FB681May 25, 2017
266494083553858669D7FDF04C0A99F6FB95Jun 1, 2017
26646B3C25776EA36F7A75E1348AB2D4B81CJun 4, 2017
266642F093134BB60D6A01B39EBFB0C03A23Jun 24, 2017
26620C2669DD1A10F3F076D3946937FC746BAug 27, 2017
26620A4A6D333D15B01E14F2852DBA474E39Aug 18, 2017
2666D787C929D523CB173708932FA0BB66ADSep 3, 2017
2664A637578987DA9E449D7483BA0C22CB28Nov 9, 2018

Why Is It Important to Remove Malware Files?^

It is imperative that you delete malware-associated files as soon as possible because they can be used - or are already being used - to inflict serious damage on your PC, including:

  • Disrupting the normal functioning of the operating system or rendering it completely useless.
  • Hijacking valuable private information (credit card numbers, passwords, PIN codes, etc.)
  • Directing all your Web searches to the same unwanted or malicious sites.
  • Dramatically slowing down your computer.
  • Gaining total control of your PC to spread viruses and trojans and send out spam.

How to Remove Ask.xml^

  1. To enable deleting the Ask.xml file, terminate the associated process in the Task Manager as follows:
    • Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
    • In the Tasks Manager window, click the Processes tab.
    • On the Processes tab, select Ask.xml and click End Process.
  2. Using your file explorer, browse to the file using the paths listed in Location of Ask.xml and Associated Malware.
  3. Select the file and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. Repeat steps 2-4 for each location listed in Location of Ask.xml and Associated Malware.
  6. Notes:

    • The deletion of Ask.xml will fail if it is locked; that is, it is in use by some application (Windows will display a corresponding message). For instructions on deleting locked files, see Deleting Locked Files.
    • The deletion of Ask.xml will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. Request your system administrator to grant you write rights for the file.

Deleting Locked Files^

You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.

After you delete a locked file, you need to delete all the references to the file in Windows registry.

To delete a locked file:

  1. Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
  2. Restart your computer.

The file will be deleted on restart.

Note: In the case of complex viruses that can replicate themselves, malware files can reappear in the same locations even after you have deleted those files and restarted your computer. Exterminate It! Antimalware can effectively eradicate such viruses from your computer.

To remove all registry references to a Ask.xml malware file:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK. The Registry Editor window opens.
  3. On the Edit menu, select Find.
  4. In the Find dialog box, type Ask.xml. The name of the first found registry value referencing Ask.xml is highlighted in the right pane of the Registry Editor window.
  5. Right-click the registry value name and select Delete on the menu.
  6. Click Yes in the Confirm Value Delete dialog box.
  7. To delete all other references to Ask.xml, repeat steps 4-6.
IMPORTANT: Malware files can masquerade as legitimate files by using the same file names. To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of Ask.xml and Associated Malware.