Chromesearch.win

Viruses & Threats
5

Hello Scott,

I understand the inconvenience.
Right click on 'Google Chrome" desktop shortcut icon and select "Properties"
In Target field, you should have path mentioned as "C:\Program Files\Google\Chrome\Application\chrome.exe"
If any additional entry is present in between, please remove it and make sure that the path appears as mentioned above.
Click Apply and Ok. Open Google Chrome browser and check whether the issue persists.
It is also recommended to remove unwanted/unnecessary add-ons, plugins and extensions installed on Chrome browser.
Change the homepage from its settings and let us know the status.

2

Hello Scott,

I understand the inconvenience.
Right click on 'Google Chrome" desktop shortcut icon and select "Properties"
In Target field, you should have path mentioned as "C:\Program Files\Google\Chrome\Application\chrome.exe"
If any additional entry is present in between, please remove it and make sure that the path appears as mentioned above.
Click Apply and Ok. Open Google Chrome browser and check whether the issue persists.
It is also recommended to remove unwanted/unnecessary add-ons, plugins and extensions installed on Chrome browser.
Change the homepage from its settings and let us know the status.

1

So I made a mistake and let some malware in.  It's called 'chromesearch.win' and it looks like a variant of 'chromesearch.today'.  This one gets into the users 'Web Data" and "History" under the hidden local users directory: 'C:\Users\%username%\AppData\Local\Temp\BCLTMP\chrome\Default\Web Data'

The malware plugs in into those files.  It hijacks the default search engine and will not allow you to edit or delete it from chrome's settings.

I really do not want to strip chrome and all the directories out to get rid of it and I'm sure HEX editing the files will be disastrous.  Also Malwarebytes didn't remove it, it just blocks it, forcing you to manually open google to use google search. ARRRRRGGG!

4

Yes, well using that was a complete waste of time. Everything changed EXCEPT the search engine settings!  It's still stuck on chromesearch.win and the Chrome settings cannot change it.

 

screenshot from Chrome settings

3

Well....  I reclutantly ripped out Chrome and reinstalled it,  Guess what?  It DID NOT work!

I'm really not surprised I cannot get a solution from tech support.  All you are trained to do is follow script.  You don't really know what's going on.  So I'm back to digging for this again.

Ces't la vie!