Ask Toolbar Now Considered Malware By Microsoft

AmiMoJo writes: Last month Microsoft changed its policy on protecting search settings to include any software that attempts to hijack searches as malware. As a result, this month the Ask Toolbar, which most people will probably recognize as being unwanted crapware bundled with Java, was marked as malware and will now be removed by Microsoft's security software built in to Windows 7 and above.

bundle

[sirber]

will java be also removed since it's bundeled with ask toolbar?

Re:bundle

[gcnaddict]

Getting there. Microsoft released a no-install version of Java bundled with Minecraft recently, so you can still play Minecraft without actually needing to hook Java into everything.

Re:bundle

This article is useless without a video of the director of Ask Software, five seconds after he heard the news.

Good fucking riddance.

Re:bundle

[robmv]

That is something Minecraft developers could have done years ago. The binary license of the JRE allows it to be bundled with an application for private use of that application.

When redistributing the JRE on Microsoft Windows as a private application runtime (not accessible by other applications) with a custom launcher, the following files are also optional. These are libraries and executables that are used for Java support in Internet Explorer and Mozilla family browsers; these files are not needed in a private JRE redistribution.

from the Java 8 README

Re:bundle

[Archangel+Michael]

Java will never be removed. However the plugin model used by Java (NPAPI) is being phased out completely, so that it won't even run on browsers. The same can be said for Flash and Shockwave plugins using that same NPAPI plugin model.

It hurts right now, but like going to the doctor to remove a big tumor, short term pain results in a healthier system.

Re:bundle

[DrXym]

That no-install version of Java is just a JRE and lots of apps bundle up a copy. It just took Mojang / Microsoft an inordinately long time to get around to doing it themselves.

Re:bundle

[tompaulco]

will java be also removed since it's bundeled with ask toolbar?

Avast tells me a couple of times a week that my GWT Developer plugin is a virus even though I tell it every time to ignore the warning and allow the plugin to run.

Re:bundle

[Khyber]

They should've used Excelsior JET instead.

Re: bundle

[kthreadd]

If it's OpenJDK they can bundle it as much as they want.

Re:bundle

[EmperorOfCanada]

Countdown to frivolous attempt at face saving lawsuit 10....9.....8.....

Re:bundle

[EmperorOfCanada]

My wife had a thing for work that needed the Java browser plugin. Her work had solidly banned it so she came to me and asked if I could get it to work. I tried to explain that she basically wanted me to have a dump into my machine. But I took a snapshot of an existing windows test VM, installed it, did her thing, and then reverted to the previous java free snapshot.

Re:bundle

This is modded totally wrong, on most computers Java is nothing but an attack surface.

Re:bundle

Getting there. Microsoft released a no-install version of Java bundled with Minecraft recently, so you can still play Minecraft without actually needing to hook Java into everything.

Not really. It just installs Java 8 for you. It ends up in the exact same path and folder as if you installed it yourself, and is just as "hooked into everything" as if you installed it directly. It's not a magic redstone version of Java, they simply install it for you, same same.

Re:bundle

[Darinbob]

I'm hoping they will automatically uninstall Chrome as well, since it somehow manages to reinstall itself surreptitiously so often. So many third party programs will install it during an update if you're not paying attention to which boxes to uncheck; and I know every time I go visit my mother she'll be asking about what this Chrome thing is and how to get rid of it. Most often it's the anti-malware software that puts that shit there, which is ironic since I consider anything being installed without my explicit permission to be malware. It should get rid of googlebar or whatever that's called, and all other opt-out software.

Re: bundle

OpenJDK is shit

Re:bundle

[Deathlizard]

Ask Toolbar is no Longer bundled with Java.

It's Bundled with Yahoo now.

Not sure if McAfee Security Scan is still in the mix.

Re:bundle

[Anne+Thwacks]

It hurts right now, but like going to the doctor to remove a big tumor, short term pain results in a healthier system.

So, like dumping Windows then!

Re:bundle

[rubycodez]

how about removing that nag-ware that reminds to update java version, can't disable in 64 bit. Some people require a certain java version for their work.....

Re:bundle

I just went to ask.com and amazingly I can't see any links to download the toolbar.

Do I have to install Java just to get the toolbar ?!

Re:bundle

[thegarbz]

Just tell her to use it and you'll stop getting support calls.

Re: bundle

Yeah if you want to kill mods use jet. Amazing logic...

Re: bundle

You can disable it in java settings

Re:bundle

[Gr33nJ3ll0]

It's not far wrong. GWT is a plague, even if it's not technically malware per se.

Re:bundle

Adobe Flash, for one, is greatly responsible for surreptitious installs of Chrome and Google Toolbar.

Re:bundle

[Blaskowicz]

Remove execution permission for the Chrome executables and throw the icon into the garbage bin?

Re:bundle

[sound+vision]

The McAffee thing is still in Flash as of yesterday (I installed it accidentally.) Not sure if it is or was ever in Java.

Re:bundle

[tompaulco]

It's not far wrong. GWT is a plague, even if it's not technically malware per se.

What would be the preferable technology to use instead of GWT?

Re:bundle

[tehcyder]

Seriously though, Windows is actually a virus!!

Literally. "Windows is literally a virus!!"

You might as well go full retard.

Re:bundle

Not sure which is worse, the toolbar or Java.

Re: bundle

[Khyber]

Uh, I've got Minecraft done with JET. Mods work JUST FINE.

It's like you don't even know how dependencies work.

Re:bundle

[gzuckier]

will java be also removed since it's bundeled with ask toolbar?

I was stupid enough to try installing Safari without realizing Apple had dropped it and it was now just a vector for search hijacker safesearch. After a long struggle i got it removed from everywhere except the actual Chrome settings for search engine, which it has written itself in as an administrative setting. Since I don't have any administrator accounts for Chrome, I can't get in to change the damn thing.

Re:bundle

[gzuckier]

I'm hoping they will automatically uninstall Chrome as well, since it somehow manages to reinstall itself surreptitiously so often. So many third party programs will install it during an update if you're not paying attention to which boxes to uncheck; and I know every time I go visit my mother she'll be asking about what this Chrome thing is and how to get rid of it. Most often it's the anti-malware software that puts that shit there, which is ironic since I consider anything being installed without my explicit permission to be malware. It should get rid of googlebar or whatever that's called, and all other opt-out software.

No kidding? I haven't seen that. Probably because I have Chrome installed. This is really going too far.

Yay!

That's all. Just Yay!

Hmm

I feel there's a word that's appropriate... hypo... hypocr.... oh, MS Word told me the word I'm looking for is "hyper". Yep, what a bunch of hypers.

Re:Hmm

[JMJimmy]

Yup. The effing bing bar is something I delete on a weekly basis from several machines. Granted it's also stupid user syndrome.

Re:Hmm

What is the smallest browser space you have ever seen remaining? Once at a friends house I asked to use the internet and half the screen vertically plus around 1/10 horizontally was taken up by various "toolbars". I'd never even seen a horizontal one before that day.

Re:Hmm

[gfxguy]

I experience that with my wife. She's got a reasonably nice desktop for doing what she does (nothing important) but complains it runs slow. It was screaming fast once upon a time, so I go and run and rerun all the anti-virus software and malware removers, remove have the extensions that have installed themselves, reboot a few times in the process, and it's screaming fast again. The most toolbars I've counted was at least 6, and the search is almost always stuck on something undesirable.

Re:Hmm

net localgroup administrators /del {wife's logon id}

Problem solved.

Re:Hmm

[ImprovOmega]

Doesn't matter. Most of those toolbars can install in a purely user context. Otherwise how would they infect...I mean...assist corporate users.

Re:Hmm

No, don't give him useful advice. MS users like to suffer.

Re:Hmm

That certainly doesn't solve it.
You don't need admin rights to install toolbars in your browser.

Re:Hmm

[tompaulco]

Yup. The effing bing bar is something I delete on a weekly basis from several machines. Granted it's also stupid user syndrome.

At issue is the fact that by using the Ask.com toolbar, you give click profit to Ask.com instead of Microsoft through the Bing toolbar. I question the legality of declaring something malware because it eats into your competing products profits.

Re:Hmm

[Khyber]

I've managed to get the browser window as small as 128x96 with a fuckton of toolbars and BHOs.

Re:Hmm

Without someone intentionally (c.f. malice vs incompetence) trying to fuck up their computer, the most I've seen is 6: yahoo, google, ask, norton, some coupon crap, some other search hijacker crap. That was on a customer's ancient XP machine that had an even older CRT monitor set to 800x600.

Re:Hmm

[Maritz]

Last time I saw the Ask toolbar, it couldn't be uninstalled through the control panel. For me, that's pretty much what makes it malware, in addition to the browser search hijacking of course.

Re:Hmm

[CauseBy]

You make a valid point but laws only matter if they are enforced.

Re:Hmm

[gfxguy]

I don't like to suffer - removing any admin rights would solve a things, but just cause other problems - and wouldn't stop the toolbars and changes to searches. So I can fix it up once every few months, or have her annoy me on a weekly (or even daily) basis to install certain software and updates (like iTunes and such). It's a lose-lose situation.

Re:Hmm

[amicusNYCL]

The most toolbars I've counted was at least 6

Amateur

Re:Hmm

[samwichse]

Bought my wife a Chromebook. Haven't looked back (or had to do the above) since.

Re:Hmm

[Whorhay]

My wife seems to be pretty good about avoiding those kinds of issues. What she does instead though is open every dumblink that she might possibly want to read later in a new tab or window. But then she apparently never goes back and reads any of it, or reads them and leaves them open for referencing from latter. She complains about her computer slowing down and I go look at it and she'll have dozens of tabs and windows going all at once.

Re:Hmm

[stevez67]

Yes, Google does an excellent job of ensuring they're the only ones tracking your web behavior and feeding you ads.

Re:Hmm

It'd help if they didn't hide 6pt checkboxes with "Do you never not want to not install no Ask Toolbar, never?" and it's grayed out by default...which means install it. Follow the instructions. Failure to follow all 1,000 steps correctly results in Ask Toolbar being installed by default. Install by default. INSTALL BY DEFAULT.

Seriously, most of this crapware tricks you into installing it. I solved this particular Windows problem by using Linux.

Re:Hmm

Exactly the same reason Norton Anti virus was once a virus.

Re:Hmm

Except that was done intentionally to test the 'Reset Browser' functionality when it was added in IE7, he is counting just what his wife had installed while not intentionally installing any.

Re:Hmm

It's much worse when you have a 1024x768 resolution on a 5:4 17" monitor and a website decides to have a giant bar at the top. It makes it feel like my screen is halved.

Re:Hmm

What is the smallest browser space you have ever seen remaining? Once at a friends house I asked to use the internet and half the screen vertically plus around 1/10 horizontally was taken up by various "toolbars". I'd never even seen a horizontal one before that day.

About three lines worth of browser space. Menu and favorites bar at the top, status bar at the bottom (no biggie, though Favorites bar is usually the first thing to go for me). Ask Toolbar, Bing Bar, Google Toolbar, Coupon Bar, AVG Safe Search (but the rest of AVG nowhere to be found on the machine), Yahoo Toolbar, MyWebSearch, Alexa Search, and about six more I'd never seen before (about ten years into what is now over an 18 year career, thought I'd seen them all...wrong). The guy said "can you get me a bigger monitor, I keep having to scroll to see anything on this one...".

Re:Hmm

AVG Security Toolbar is a bigger offender in the "can't be uninstalled by any normal means" category. It's hit or miss though. Most Ask Toolbars I come across do uninstall.

Re:Hmm

[Blaskowicz]

I installed the Nuke Anything firefox extension specifically to (semi-manually) remove huge bars, though that may take a bit many clicks.

Re: Hmm

Elementary OS based on linux. Get it for her. She could already kiss malware goodbye.

Re:Hmm

[im_thatoneguy]

Oh man I remember that AltaVista bar. I really really liked that one. That was the one and only useful search bar. It was useful not only because back in the day AltaVista was the best search engine but also because of the translate button which is the only reason I still use AltaVista from time to time and a pretty damn good ad blocker.

Re: Hmm

Tech illiterates need linux. My mum and one of 2 sisters learnt to avoid malware, affter my father (programmer) and I (school student, very enthusiast) taught them. Otherwise I'd make her run Linux by default

Re: Hmm

[gfxguy]

I'm sure they have a great iTunes client.

Re:Hmm

[samwichse]

Blah blah blah I live in the real world blah blah tired of fixing it blah.

Office upload center

[Roodvlees]

I hope that's the next target to be considered malware. Probably not by Microsoft (as it serves their needs) but hopefully by an anti-virus company.

Re:Office upload center

What's your beef with the Office Upload Center? It's only installed with Office, not bundled with anything else, so hardly in the same category as bundled crapware like the Ask toolbar. Yes, it's a bit dumb that those that don't need it can't easily remove it, but same goes for a lot of features in a lot of products. Irritating, but hardly malware.

Re:Office upload center

The main issue *I* have with it, is that when I disable it - You know... I like to disable stuff I don't use - it refuses to stay disabled.

There are schedules, and protection tasks, and all sorts of other asshatery that will keep that process running. That's what you would normally call malware - something that refuses to stay disabled or removed.

Flashback time

[Ol+Olsoc]

When people called me, having trouble with their browsers, and there were about 15 or more toolbars taking up their entire screen. And ask was always there, sometime multiple times.

Anything that installs a toolbar in your browser is malware.

Re:Flashback time

[XxtraLarGe]

When people called me, having trouble with their browsers, and there were about 15 or more toolbars taking up their entire screen. And ask was always there, sometime multiple times. Anything that installs a toolbar in your browser is malware.

Ditto. That's usually one of the first questions I ask, and most people have no idea how it even got on their machine. I tell them "they aren't giving you this toolbar to be nice, they're giving it to you so they can control your searches and sell you stuff."

Re:Flashback time

Are you serious? How can you survive in today's World Wide Web environment without a tailored toolbar experience that sends all your input and browsing data to its publisher? Ask and you shall receive.

Re:Flashback time

[OzPeter]

Are you serious? How can you survive in today's World Wide Web environment without a tailored toolbar experience that sends all your input and browsing data to its publisher? Ask and you shall receive.

Funny, I thought that was Google's business model.

Re:Flashback time

[AmiMoJo]

What got them in the end was that they screwed with the user's search settings. Toolbars are a supported feature of Internet Explorer, but apps are not supposed to screw up search settings in the registry.

Doing so generates warning prompts on Windows, but because the user was already clicking through those to install Java they probably didn't notice an extra one for Ask.

Re:Flashback time

[TapeCutter]

Yes, except google is mind bogglingly popular precisely because its search results are not dictated by short sighted bean counters.

Re:Flashback time

Are you serious? How can you survive in today's World Wide Web environment without a tailored toolbar experience that sends all your input and browsing data to its publisher? Ask and you shall receive.

Funny, I thought that was Google's business model.

While true, pointing this out will get you modded down here.

Re:Flashback time

[wernercd]

And it's not an ADDITIONAL search bar on top of the actual browser. If Google forced "Google Toolbar" down your throat, we'd have an apple-to-apple comparison.

There's a difference between using a built in search engine (with the ability to change it to Bing, if your heart desires)... and getting a search engine - and extra crap - installed without your knowledge.

We all know the average idiot doesn't know how to avoid getting tricked into installing it - and Ask and other companies go FAR out of their way to discourage saying no. It takes actual effort to not get dinged.

You can argue about how evil Google is... but they aren't acting like Ask does.

Re:Flashback time

[RuffMasterD]

I know, right. No mater how many handy little search bars I install on peoples systems, someone will always call me to solve their shitty little problems. The search thing is right there, people! Use it.

Re:Flashback time

[citation needed]

Re: Flashback time

Google used to have a toolbar back before the browsers all got search fields built in. It was probably what got the toolbar business off the ground. I used it for a while because it was a real timesaver.

Re:Flashback time

Yes, the long sighted bean counters are superior.

captcha: distrust

Re:Flashback time

[ArcadeMan]

This is 2015. You don't need toolbars to do all that. Simply use Chrome and stay logged into your GMail, Hotmail, Facebook and Twitter accounts.

Re: Flashback time

[Guspaz]

It was convenient, because it added a bunch of features to IE. As you said, it added a search box to IE long before URL-bar searching was a thing, but it also allowed search term highlighting, a popup blocker, form auto-fill, in-browser spellcheck, etc. All of this is built-in to web browsers today, but back in the day, the Google Toolbar was legitimately useful.

Re: Flashback time

[RavenLrD20k]

Yes. Google had a tool bar, no one is contesting that; but was it forced down your throat by google? If you downloaded any google software, did you have to specifically uncheck a box to not have it installed, or did you have to explicitly click on a link that said "Get the google toolbar" that was more than a few lines below the "Google Search" and "I'm Feeling Lucky" buttons where you couldn't accidentally miss the button by a few pixels to click on the link? If I remember right, it fit more the latter case I presented.

That's a lot different from putting a checkbox with 8pt Text in a 12pt body that you have to find and uncheck to prevent the installer from automatically installing the toolbar.

Re:Flashback time

[gfxguy]

...and that extra crap is software designed to keep you from getting rid of what they installed. That's malware. Google isn't malware. Neither is Bing... they both "play fair."

Re:Flashback time

[CauseBy]

I would tweak what you said to: "Google is mind bogglingly popular because its search results USED TO BE not dictated by short-sighted bean counters, and then market inertia now that they are".

I switched away from Google about a year ago because I was finally fed up with lousy result quality. My specific complaint is that Google ended its long-ago policy that every result contains every search term exactly as given. Wow, that was useful, but now Google just tries to guess what you want. That's nice and all, but if you think I'm a dumb user, then show me results for what I actually searched for and then make a suggestion about a search you think would be better. But just straight up giving me results that I didn't search for? No thanks, I switched.

Re:Flashback time

How can you survive in today's World Wide Web environment without a tailored toolbar experience that sends all your input and browsing data to its publisher?

Chrome.

Re: Flashback time

[Carewolf]

Yes. Google had a tool bar, no one is contesting that; but was it forced down your throat by google? If you downloaded any google software, did you have to specifically uncheck a box to not have it installed, or did you have to explicitly click on a link that said "Get the google toolbar" that was more than a few lines below the "Google Search" and "I'm Feeling Lucky" buttons where you couldn't accidentally miss the button by a few pixels to click on the link? If I remember right, it fit more the latter case I presented.

That's a lot different from putting a checkbox with 8pt Text in a 12pt body that you have to find and uncheck to prevent the installer from automatically installing the toolbar.

When I download free windows software I very often have to check "Do not install Chrome". They are bundling it with all kinds of things now to force it on everybody.

Re:Flashback time

[Anubis+IV]

This. So much. Google used to be run by the engineers. These days the engineers are run by Google. They earned their place at the top, but they're actively sabotaging themselves with the various moves they're making, such as the one you cited. I tried DuckDuckGo last year and was unimpressed at the time. I tried again a few months ago and found it to be much better than before, so I went ahead and switched all of my devices over. The only two things I miss from Google Search are map results when I search for addresses and the ability to specify a date range for my search (e.g. quite often, coverage over a news topic will change over time, so I like to have it just check the first week that something happened, that way I can see the initial coverage in the news).

Re:Flashback time

[EmperorOfCanada]

I hate when I look up a local business which does have a website but some SEO whoring website directory with a crap listing comes up instead. In the 90s if you searched for anything you got someone whoreing whores or whoring a casio. Google came along and ate everyone's lunch by not showing us crap. Now when you search you get SEO whores. I don't ever want another answers.com, ask.com, quora.com, experts-exchange.com(which doesn't seem to come up much anymore), huffpo, gawker anything, sourceforge, or any other SEO whoring content free sites.

So who is going to eat google's lunch?

Re:Flashback time

[yuhong]

I don't think Google is that horrible. Even with Google+, I don't think Vic Gundotra is a bean counter.

Re: Flashback time

Yes, Flash does install Google Toolbar, which if things go well will present a checkbox for you to uncheck, but the options to forgo the tacked on foistware are not present in every case of upgrading your Flash software, which btw it quite frequently insists that you upgrade to yet another new version so you have to be constantly on the lookout.

Re:Flashback time

maybe once chrome is not a memory hog again...

Re: Flashback time

[RavenLrD20k]

So your bitch is with Adobe, not Google. This is the apples to apples comparison that wernercd was mentioning.

People have a problem with Oracle's method of having Oracle's Java installation include an opt-out download of the Ask Toolbar which is known to be malware and very difficult to uninstall through traditional methods.

People have a problem with Adobe's method of having Adobe's Flash installation include an opt-out download of the Google Toolbar which is known to be spyware and fairly easy to uninstall through traditional methods.

People do not bitch about InterActiveCorp force feeding the toolbar on them for the Java install, because IAC has no control over Oracle's installer. Likewise there's no reason for people to bitch about Google force feeding the toolbar on them for the Flash install, because Google has no control over Adobe's installer. This is not to say that IAC's and Google's respective toolbars don't have issues of their own, only that IAC and Google aren't directly responsible for what 3rd parties do when 3rd parties try to install their software.

Re: Flashback time

[Your.Master]

No, it's with both of them.

Adobe isn't trying to install Google Toolbar out of the kindness of its heart, or over Google's objections, or because it needs Google Toolbar technology. If it's trying to install Google Toolbar, it's because they accepted money from Google to do so. So yes, Google *is* exerting control over Flash's installer, and they are almost certainly *directly* responsible for it.

Re:Flashback time

[qubezz]

Actual old-style search is still available. If you don't want to keep choosing the option after the normal results every search, you can use a search plugin. http://mycroftproject.com/sear...

Re:Flashback time

[gzuckier]

I would tweak what you said to: "Google is mind bogglingly popular because its search results USED TO BE not dictated by short-sighted bean counters, and then market inertia now that they are".

I switched away from Google about a year ago because I was finally fed up with lousy result quality. My specific complaint is that Google ended its long-ago policy that every result contains every search term exactly as given. Wow, that was useful, but now Google just tries to guess what you want. That's nice and all, but if you think I'm a dumb user, then show me results for what I actually searched for and then make a suggestion about a search you think would be better. But just straight up giving me results that I didn't search for? No thanks, I switched.

I don't mind the adjusted search terms, they work for me; but the slew of useless garbage sites that comes up pisses me off, either as the result of an overload of garbage sites in general, or else the brilliant optimization the click farmers are using. Search for anything, and you get a bunch of sites offering to sell it to you, best available at cheapest prices. Search for diarrhea, you get a dozen sites offering to sell you the best diarrhea.

Kettle black

[rmdingler]

In other news, the US is incensed with the latest Chinese spying allegations.

I have always considered it malware

what took them so long?

Re:I have always considered it malware

Lack of competition.

Re:I have always considered it malware

They had to one-up on the toolbars by creating Cortana first. Now they're making room for it

One down...

[daedalus2097]

1,753,378 to go.

My question

Why does ANYONE use Microsoft's monthly removal? It is what they consider malware or spyware not what everyone else in the world considers it. I haven't ever taken that stupid update.

Re:My question

Have you ever looked at the list? There are always a few outliers but they all do roughly the same things. Kaspersky and bitdefender typically seem a little bit ahead, but the MS stuff is generally in the next tier with guys like panda, fortinet, avira, etc. and ahead of the norton and avg

They all let you override individual locations, even if it is somewhat of a pain on occasion.

So to answer your question, it is free, easy to get, and is as good as many of the alternatives...with that said I use personally use bitdefender right now while at work we are stuck with a corporate deal with symantec, in case you were wondering norton blows.

Re:My question

[damnbunni]

He's not talking about Microsoft's antivirus/antimalware, he's talking about the 'malicious software removal' that's part of Windows Update even if you don't have MS's AV installed.

It removes a very few specific things that can be difficult to get rid of.

Re:My question

The monthly MSRT is like the McAfee "Stinger" tool. It's a one-shot, foreground-only malware removal tool that gets replaced with an entirely new copy of the program every so often.

MSRT just runs automatically as part of Windows Update. Stinger requires you to go download it and run it manually.

Also, MSRT has undocumented API access beyond anyone else's capabilities, and a short enough support window to make it worthwhile to use undocumented API's. It wouldn't surprise me to know that MSRT does all kinds of low-level "dirty tricks" to get rid of any identified threats, given that WU virtually guarantees it to run with a reboot. The entire MSRT concept is probably the strongest position for a malware removal tool to be in. Malware would have to outright block WU to keep its foothold truly safe, and that's going to raise some alarm bells to just about everyone. And never discount the possibility of a WU dead-man's-switch. Microsoft actually has the capability to make Windows cripple itself (probably into Safe Mode) if it doesn't get malware checks of some sort on a regular basis. Why they don't just throw down and use that capability is the only remaining question. Probably because it would piss off the vocal fringe users and the anti-Microsoft hate-squad that think there's some conspiracy to spy on their porn browsing habits or some stupid thing.

Re:My question

Believe it or not MSRT is considered the most effective AV tool period, when your'e talking about numbers of infections removed.

It's distributed automatically, works silently, and is pretty effective at it's job.

It doesn't protect you from new or unknown threats, but it does the important job of removing known-but-difficult-to-remove threats

Re:My question

Malware would have to outright block WU to keep its foothold truly safe

Yes, I've seen this happen, along with preventing Defender/MSE and other similar services from running. Not uncommon.

and that's going to raise some alarm bells to just about everyone.

Except for the vast number of "internet machine" users. They never notice.

And never discount the possibility of a WU dead-man's-switch. Microsoft actually has the capability to make Windows cripple itself (probably into Safe Mode) if it doesn't get malware checks of some sort on a regular basis.

[citation needed]

Re:My question

Well I can tell you this, since I have had Windows 7 pro (from day 1 of the release) I have never taking any of the malicious software removal's. So it can't be a problem of not taking it and Windows complaining.

Re:My question

[tehcyder]

in case you were wondering norton blows

Well it used to suck, so there's been a 180 degree turnaround.

Antitrust?

If Microsoft removes competitor's toolbars, but not the Bing toolbar, isn't that an antitrust lawsuit waiting to happen?

Re:Antitrust?

[in10se]

I've never seen the Bing toolbar bundled with anything (including any Microsoft products). As far as I can tell, it's a 100% opt-in manual download.

Re: Antitrust?

Its bundled with skype.

Re: Antitrust?

For me, it came with both Skype and DirectX. Few other things I can't remember before that. A quick Google search reveals that it comes with a lot of things.

Re:Antitrust?

[Joe+U]

No, because the restricted behavior isn't bundling, it's changing search providers without prompting.

It's mentioned in the article in about every single sentence, so I can see how you missed it.

Re:Antitrust?

HP Printer drivers. Unless you click "Select software installation" and uncheck it, it will install by default.

Re:Antitrust?

[EmperorOfCanada]

+3 imaginary votes in the category "burned"

Re: Antitrust?

For me, it came with both Skype and DirectX. Few other things I can't remember before that. A quick Google search reveals that it comes with a lot of things.

Yeah, but it doesn't silent-force search settings by messing with the registry like the Ask Toolbar.

Re: Antitrust?

Yeah, but the rapist said thank you when he was done....

Re:Antitrust?

It's even bundled with HP's consumer printer drivers. You have to go through a multi-step custom install in order to not install it.

Re:Antitrust?

[rubycodez]

HP printer drivers are amazing, in the sense that 100+ meg of wares is installed when it only takes tens of kilobytes to actually drive a fucking printer. I mean Jesus Quincy Christ impaled on a stick with roman military nails, what in the hell?

Re:Antitrust?

All those megs are software to make the printer work only with genuine and non-refilled HP cartridges.

Too little, too tale

[Eloking]

Great, but how about marking as malware every bundled software that come with an installer? It doesn't seem complicated to me, it I install SomeProgram.exe then any other software unrelated to SomeProgram.exe should be marked as malware and removed.

Re:Too little, too tale

Especially the most sinister ones: DirectX, Java and Microsoft Visual C++.

Re:Too little, too tale

Great, but how about marking as malware every bundled software that come with an installer? It doesn't seem complicated to me, it I install SomeProgram.exe then any other software unrelated to SomeProgram.exe should be marked as malware and removed.

I think if you do it right you're correct. There could be a legitimate case of one program relying on another that this would screw up.

Pop up message. I see you just installed someprogram.exe at the same time weirdprogram.exe also installed. Do you want to keep weirdprogram?

Ahhh... Toolbars!

[neilo_1701D]

I always remember this image of IE7 stuffed with toolbars. A similar test was done on Windows XP.

In the case of IE7, this was done as a test to see if the reset function would work correctly. It did.

Re:Ahhh... Toolbars!

[ImprovOmega]

Oh my god, MyWebSearch...I had almost forgotten about those douchebags. There was a time about 3-4 years ago where I was removing it from some secretary's computer every week. "But I like the smilies!" "Not on a corporate machine you don't. Stop it."

Re:Ahhh... Toolbars!

[thedavidcathey]

I have seen something nearly identical to this in the field. I was truly amazed.

Bing toolbar!

[SkunkPussy]

The bing toolbar gets bundled with directx or something so hopefully microsoft will be consistent with their policy!

Re:Bing toolbar!

[Joe+U]

The Bing toolbar doesn't change search settings without prompting, and is not removed. Same with the Google toolbar.

Re:Bing toolbar!

The Bing toolbar gets bundled with EVEYTHING from Microsoft. Every single thing I've downloaded from Microsoft's website has asked me no less than once and no more than thrice if I wanted to install the Bing toolbar. Most of their stuff ask before download and a lot of it ask again after installation is complete.

Re:Bing toolbar!

Hopefully you'll not be such a moron and stop with the knee-jerk "I hatez da M$$$$$444$$$$1111!!!!!1111" crap.
 
That played out around here about a decade ago.

I always assumed that

[OneSmartFellow]

loading all this crap was tolerated by Microsoft because it was the main impetus for people buying new PCs.

Now that Android is taking over the personal OS landscape, and PC sales are dropping, MS doesn't gain as much as they used to, and now actually feels the pain from allowing this to happen, they decide to remove them.

Re:I always assumed that

loading all this crap was tolerated by Microsoft because it was the main impetus for people buying new PCs.

  Now that Android is taking over the personal OS landscape, and PC sales are dropping, MS doesn't gain as much as they used to, and now actually feels the pain from allowing this to happen, they decide to remove them.

I feel there's too many elements of truth in this that I'm not sure it should be labelled as funny.

Re:Aw, isn't that cute (^2)

Then make the bundle crapware Easy to uninstall, and so on.

It's hard to imagine, but

[bluegutang]

at this pace, within a couple years I'll like Microsoft more than I like Mozilla.

Re:It's hard to imagine, but

at this pace, within a couple years I'll like Microsoft more than I like Mozilla.

Ten years ago, I never would have agreed with you. Now I just feel dirty.

Re:It's hard to imagine, but

at this pace, within a couple years I'll like Microsoft more than I like Mozilla.

I feel dirty inside, but I'm agreeing with you.

First it was a free copy of Windows 10 for to apologize for Windows 8, then it was HTTP Strict Transport Security by default, now this.

Microsoft has definitely gone up a couple of notches in the last few months.

Re:It's hard to imagine, but

For what? Finally doing the right thing 10 years later?

Re:It's hard to imagine, but

[PitaBred]

Late is not ideal, but it's still better than never.

Good

[nine-times]

Good. It is malware. I can't think of a browser toolbar that I wouldn't consider to be malware to some degree. Has anyone in the past 5 years intentionally installed one of those things? My impression is that they only ever get installed because someone wasn't paying enough attention when they installed some crappy piece of software, and it was bundled in.

Re:Good

I have finally met someone who actually uses them. In fact he used THAT one. For some reason he liked the search results better. I know, I know...

Re:Good

[ImprovOmega]

It really hasn't been necessary to have a browser toolbar since search was integrated into the main UI for basically all modern browsers. I briefly had a Google toolbar intentionally installed 5+ years ago, but now I just have my search provider set to Google and I never even thought about a toolbar since. I've removed a lot of them from friends and family PC's though.

Re:Good

Yes, I install Prefbar in Firefox on every computer I use.
http://prefbar.tuxfamily.org/

Re:Good

[friesofdoom]

My father in law uses the eBay toolbar, not sure why, but he does...

Finally

Took them long enough. In my IT shop we have been calling it a malware vector for years.

Re:King Frosty The First!

[hyperar]

Oh no, the facebook generation is reaching Slashdot.

Why is it

That lately, I'm thinking of MSoft and Oracle as two middle school girls in a cat fight.

Re: Why is it

Lately? It's been that way for awhile.

Whack a mole

[retroworks]

All the "negative checkoff" (click NOT to install) and all the (CNET downloads.com e.g.) sites where banner ads mislead to click on them rather than the download file button you are looking for should be treated as malware, starting a long time ago.

Re:Whack a mole

[bmo]

All the "negative checkoff" (click NOT to install) and all the (CNET downloads.com e.g.) sites where banner ads mislead to click on them rather than the download file button you are looking for should be treated as malware, starting a long time ago.

So much this. All of the major "download sites" for Windows freeware/shareware do this. Even some official sites hide the actual download button and have big adware/spyware/shitware "download" buttons.

For example, I used to recommend imgburn for Windows users years ago, back when XP was new, until I saw what they were doing with their official page. They still haven't cleaned it up. It's still shit.

Feast your eyes upon this abomination:
http://www.imgburn.com/

Be in a hurry and spot the actual download link. Go ahead. Even if you know what you're looking for, you can miss it.

Also- "Versions 2.5.1.0 on included optional Ask.com adware in the installer,[4] which was replaced in version 2.5.8.0 with OpenCandy adware.[5][6]"

Go to wikipedia and look at the list of software that OpenCandy infects, too.

Then there is stuff like MindSpark that even comes *preinstalled* on consumer-level machines from Dell and HP.

It's when I see shit like that I thank my lucky stars I moved away from Windows full-time 18 years ago.

--
BMO

Re:Whack a mole

While I agree with you in principle, I'm not sure what's wrong with the example you gave. I found the download is about 2 seconds. There's a link called "Download" in the navigation bar that leads you to mirrors, right at the top with one saying "Provided by ImgBurn". Pretty standard and clean.

Re:Whack a mole

[DocSavage64109]

Same here. Maybe he doesn't have adblock installed.

Re:Whack a mole

[swilly]

I get the same page both with and without AdBlock for Chrome. And I agree, this site isn't a good example of tricky download links.

Re:Whack a mole

[tehcyder]

I think the point is that, viewed with no ad blocking software, the most prominent download link is a big green button with "download" written on it (that installs one of the usual suspects).

You or I wouldn't just click on it and agree to everything that follows, but it would not be a difficult mistake for your dear old granny to make if someone you trusted had actually said "go to the Imgburn website and download it from there.".

All toolbars are malware?

[stedlj]

All toolbars are malware, what is the big deal. I took user install rights away, because of toolbars. They were just causing to many problems.

That's bullshit

Everybody I know has multiple toolbars on their internet. None of them has problems with malware. I even specifically asked the ask toolbar whether or not it was malware, and it said (and I quote) "that's ridiculous".

That'll annoy Oracle

[Geeky]

Annoying Oracle can't be a bad thing. I can't believe they bundle it when Java is needed for so many enterprise apps - surely the reputational damage is worth more than the revenue from bundling the toolbar? It makes them look cheap and certainly not enterprise.

So yeah, good for Microsoft. They're doing some good things these days. Perhaps a bit like IBM when they were knocked off of their perch, MS now realise they need to actually produce good products and play nicer with customers.

Re:That'll annoy Oracle

Play nice with customer like that annoying upgrade to Windows 10 icon in the system tray that you can't remove?

Re:That'll annoy Oracle

[flink]

Annoying Oracle can't be a bad thing. I can't believe they bundle it when Java is needed for so many enterprise apps - surely the reputational damage is worth more than the revenue from bundling the toolbar? It makes them look cheap and certainly not enterprise.

If you download the "server" JRE (actually it's a full JDK, I don't know why they label it that way), it comes as a simple tarball. It doesn't interact with the registry, doesn't install the browser plugin -- it's just full JDK distribution. I'm guessing they are locked into a multi-year co-marketing deal with Ask for the consumer distribution. I always just download the server version, unzip, and add C:\jdk1.x.y_z to my PATH and I'm done.

Re:That'll annoy Oracle

[ImprovOmega]

If you just run a silent install of the offline installer it doesn't install ASK either. Granted getting to the offline installer is not exactly obviously presented on their download page, but it is available. And corporations have been using that for years.

Re:That'll annoy Oracle

[erp_consultant]

I can only deduce that Oracle is under some sort of licensing agreement with Ask that was written back when Java belonged to Sun. An agreement that forces them to bundle in the Ask toolbar with Java downloads. Anything other than that makes Oracle look really bad. I could see if Oracle was giving away their software for free and Ask was some sort of way for them to pay the bills. But that is hardly the case here.

Come on Oracle - ditch the cheesy toolbar. Let's all be adult about this.

Re:That'll annoy Oracle

[pr0fessor]

/ task scheduler / windows / setup / gwx /

disable the tasks and kill the tray icon in the task manager.

Re:That'll annoy Oracle

That's really no easier or less dangerous than just not installing the toolbar for 90% of the users out there.

Re:That'll annoy Oracle

"they need to actually produce good products and play nicer with customers"

And yet:

* Skype
* Minecraft
* 'Get Windows 10!' ...

The might have realised it, but they have no idea how to do it.

What I Consider Malware

[TFlan91]

YOUR INTRUSIVE WINDOWS UPDATE!

The latest batch of updates magically moved Microsoft Office Upload Center startup configuration from msconfig/regedit entries TO THE DAMN TASK SCHEDULER! WTF?!

</rant>

I praise them for the rare use case where they use this intrusive omni-present program for good. This is four times, that I remember, in the last year that they have done a sweeping removal of malware with Windows Update

Re:What I Consider Malware

[Joe+U]

The task scheduler is the preferred method for launching tasks now.It's a robust unified interface with logging capabilities and error handling.

I can see the old registry entries being ignored in the future with the ability for the OS to detect and create tasks when an installer tries to write to them.

Yay.

[Demonoid-Penguin]

Ask finally got what it's been asking for all along

Next up - McAffee.

Then Java, then Ffflash. I can see we're gunna need a longer wall. And maybe a conveyor belt.

Re:Yay.

[Ken+D]

Die SiteAdvisor! Die! (and stay dead!)

I'm Baffled...

why anyone would want a toolbar to begin with. It's obviously "malware" in so many ways.

I'm seriously disappointed in the browser area as well. Why can't we have a browser that does ONE THING WELL: browse the Web. I don't care for anything extraneous to surfing. About the only thing I might want besides supporting protocol standards is tabs and a bookmark feature. Nothing else. I don't want or need the dancing baloney. I don't understand the need for programs to do everything for users. I guess growing up on the command line has given me a certain outlook as to how programs should do one thing well.

Re:I'm Baffled...

[ImprovOmega]

With the advent of multimedia webpages it's hard to lock down what exactly is meant by "browsing the web". For most modern sites to work correctly you need to be able to process and display: HTML5, CSS, JavaScript, HTML, JPEG,GIF, BMP, PNG, h.264, .wav, .mp3, .avi, Flash, SilverLight, Java, and so on. So many protocols/formats that may pop up and you have to handle them all. Is it any wonder browsers got so bloated over the years?

Re:I'm Baffled...

[JackieBrown]

There are but when you use them, you find you actually want more from a browser

unchecky.com

if you want to make sure Aunt Ethel doesn't install this in the first place.

Best...quote...ever

"most people will probably recognize as being unwanted crapware"

Were truer words ever spoken?

How about conduit

[Thraxy]

Is the conduit bing browser hijack also considered malware? Cause it bloody well should.

Marketing slimebags

[Tablizer]

I remember some goofy ways installers would try to trick users into toolbars, including double negatives: "Do you not want to not install the Foo toolbar?" or "Skip the bypass of the Foo toolbar installation?".

Re:Marketing slimebags

[tehcyder]

I remember some goofy ways installers would try to trick users into toolbars, including double negatives: "Do you not want to not install the Foo toolbar?" or "Skip the bypass of the Foo toolbar installation?".

"Do you want to install Foo or cuddle a puppy?" Y/N

And in neither case do you get a puppy to cuddle.

Re:Marketing slimebags

[Tablizer]

Now I got the Foo toolbar AND the Puppy toolbar.

Re:Aw, isn't that cute (^2)

[gfxguy]

Not really - it's easy enough to change the default search on IE to google from bing, and it's easy enough to change the default search on google Chrome to bing (or even ask, if that's what you really want). There's no hypocrisy there in saying ask is malware - it most definitely is.

Irony

[Luthair]

The Skype installer and updater bundles software that sets and attempts to maintain homepages and default search to Bing.

Re:Irony

Classic left hand - right hand -situation

Cool

Now when does Norton and McCrapAfee get flagged as malware?

Yes.

[waspleg]

I've seen people install the Google toolbar because they thought that was how to use Google... I've removed it a lot as well.

What took so long?

[fuzznutz]

I gotta say. It's about time. I've been stripping that piece-of-crap browser hijacker out of just about every machine I see. Oracle should be horsewhipped for partnering with those Ask Toolbar assholes.

Like every app provided by Google

I've installed a few Google things, like the globe map thingy, and found the services that Google places on the PC are designed to be UNSTOPPABLE unless the entire app is removed. Chrome is pretty much the same. Yes, Google does allow for a clean uninstall, but if you wish to use their apps in any way, the spyware that Google boots up with your machine cannot be disabled in a way that stays disabled.

Then again, all major PC companies are getting worse with time- after the sickeningly evil scandal of Dice ordering the stealing of major projects on SourceForge so they can be wrapped with malware installers, I've discovered by other 'safe' app download sites now mostly do the same. Finding a good wide source of Windows applications that are guaranteed to be untouched by the download site is now near impossible. The 'clean' sites tend to offer only a tiny subset of all available 'free' utilities.

Obviously, the GROOMING Apple, Google and Microsoft do on their walled-garden mobile OS APP stores ensures most people now accept the most vile software practises as the price of getting free or cheap software. Providers on the classic windows side simply copy these worst practices now.

Re:Like every app provided by Google

Hey, we were having a MS bashing here. Google asshattery is in our blind spot.

SourceForge

[Parker+Lewis]

If Oracle removes Ask toolbar from Java Installer, can SourceForge provide us one version with Ask added back?

Re:SourceForge

[sound+vision]

Shit, they'll give you more than the Ask toolbar...

Do oracle employees have the ask toolbar installed

Does Oracle prevent or allow the ask.com toolbar to be installed when the Java runtime is installed? Does their policies allow any of the bundled software to be installed?

Do Oracle contractors install bundled software onto customer's computers or do they ask the customer as part of the contract if it will be installed?

I wonder what it is like among the companies that bundle software and use their own software if they have policies in place to prevent the bundled software from being installed?

Wow

[ThatsNotPudding]

I experience that with my wife. She's got a reasonably nice desktop for doing what she does (nothing important)

other than looking for a better husband.

Re:Wow

[gfxguy]

You're right, I'm sorry... facebook and iTunes are very important. Shame on me.

This is not malware

[Stan92057]

This is not malware at all. No ones being fooled into installing it. You have to read and if you don't read that's YOUR fault. I'm pretty sure MS going to get sued and MS will loose because its not tricking anyone into installing it and if you don't read the agreement that again is YOUR faults. Ask did install this toolbar without permission in the past and they get sued for it too so im not sticking up that. Is Ask is a good trustworthy business? No they are not, that is a fact. but in this case Ask isn't doing anything wrong.
Please show me how this install is being 1. forced install 2. uses trickery to get installed? 3. cant be uninstalled

Re:This is not malware

[AndyMoney]

If you have to do research on the web just to remove all the search redirects, then yes, it is malware. You shouldn't have to go into the advanced (about:config, etc) browser flags panel to fix the new-tab url overrides, for example.

money money

[AndyKron]

They must no have paid up in time.

Just wondering if someone will make a toolbar clea

[slugstone]

Just wondering if someone will make a toolbar cleaner

How is this feature still kicking?

[SmaryJerry]

I'd expect by now that browser plug-ins have replaced anything a toolbar could offer.

Good

Now MS can focus on getting Windows labelled at malware.

Re:Aw, isn't that cute (^2)

[Darinbob]

And make sure it does not install itself in the first place without your explicit opt-in permission. Otherwise I consider it malware.

ALL ARE MALWARE

All toolbars are malware. what the hell was MS waiting for?

Like watching two rabid dogs fighting.

[jpellino]

No matter who prevails, you still have to live with a rabid victor.

Don't Blame Ask

Don't blame Ask, it doesn't install itself. Blame Oracle! Oracle's Java attempts to install Ask with every update. For awhile, that was almost daily.

At last!

[sseymour1978]

Ask toolbar is so hard to remove, that I considered it malware for years.

Ask isn't removed

[Chalnoth]

It looks like this only applies to older versions of the Ask toolbar. According to the link in the post, "The latest version of this application is not detected by our objective criteria, and is not considered unwanted software."

I do hope that their "objective criteria" will help to keep the Ask toolbar from being quite as annoying as it was, however.

Forced ads?

What about the desktop ads they're supposedly forcing on some people through mandatory Windows updates?

WAHOO!!!

[sabbede]

This pleases me greatly. I'm sick of having to uninstall that crap from all my workstations.

ASK toolbar

YAY! Ask toolbar has been annoying and hard to remove

Re:King Frosty The First!

[Hylandr]

Frosty Piss has been a thing for a very, very long time.

About time

[Mister+Null]

I've HATED Ask for years and never gotten the answers it promises, so thanks Microsoft.

I have a PowerShell Script For That

[Ngarrang]

If this becomes common practice among all of the malware checkers, then I can retire my PowerShell script that remotely uninstalls this bastard software.