How To Remove ChumSearch (For Mac and Windows)

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.

This page aims to help you remove ChumSearch. These ChumSearch removal instructions work for Safari, Chrome, Firefox and Internet Explorer, as well as every version of Mac and Windows.

With new waves of unwanted applications coming out every week it is important to understand it and know how to prevent it from reaching your PC. Most people seem to be confused when talking about malware. It is a collective term used to describe any kind of software that is used for malicious purposes, hence the name. While the name Virus also belongs to the malware “family”, it is not the only one. Within this article, we shall educate you on the topic of Browser Redirects, why it is often described as malware and why ChumSearch isn’t actually a virus. Before you jump into the removal instructions, please read over the following paragraphs. It’s always a good idea to learn anything you can about the troubles you could be facing when dealing with these dangerous pieces of software. While Browser Redirects are inherently a lot less dangerous than a Virus can be, it also isn’t something to be treated as a pushover, because it certainly isn’t.

What is ChumSearch? What is a Browser Redirect?

Everything first started when software developers started adding freeware (free programs) in popular installers in an attempt to promote themselves. Unfortunately, some people took that advantage and began using these same channels to spread a different kind of software. One which upon entry into a system, spreads uninvited ads to the browsers currently installed such as Chrome or Firefox. It then uses various ways to display them on the browser window. One of them are banners aligned at the sides of the page. While not as restrictive as some of the rest, they are usually rather large and unappealing. The next one is the much more obstructive pop-up ad. It can hide everything you’ve been currently viewing and instead show you a big window front and center which is really annoying to the average user. Last, but certainly not least, are the in-text ads. They are integrated into the text itself that you are reading and are linked to other locations on the web that are dangerous to visit. They can even display pop-up ads if you hover over them. How annoying!

In addition to that, we have yet to talk about the dangerous part of ChumSearch. While the ads may not seem like something to worry about, what happens after you click on them is another matter on its own. Firstly, they are all linked to web pages that can introduce similar programs that can further bloat your PC, but they can even mislead you into installing dangerous programs or maybe even viruses. Not only that, but clicking on the ads themselves benefits the creators of ChumSearch. A thing called pay-per-click advertising model is one of the most major ways for companies to promote their services and products and also pay the places where they are allowed to position their ads. You’ve probably already guessed at this point that this has something to do with the ads displayed by ChumSearch, and you’d be right. Software developers like the ones that made this same Browser Redirects benefit from the same advertising model. Every time you click on one of the ads you are not only lead to somewhere where you don’t belong, but you also earn money for the attackers of your PC.

Probably the worst part of this whole ordeal is the fact that this software can also steal browsing information and use it against you. When they are in your machine, they collect information such as browsing history (which includes every place you’ve ever visited) as well as search queries (everything you’ve ever searched for). They use these to figure out your interests and use them against you by customizing the ads to your liking. Do not be deceived! You have no benefit from them and they are only used to fool you. It’s nothing but empty promises.

This concludes our short summary on the subject. Do remember that uninstalling or removing ChumSearch can not only seem daunting at first, but it’s really not. If you want to take the easy route download the recommended removal tool, otherwise the manual removal instructions await you!


Name ChumSearch
Type Browser Redirect/Browser Hijacker
Danger Level Medium (Can trick you into downloading more Browser Redirect and other unwanted programs)
Symptoms Computer is infected with many different Ads, that get displayed on your browser regardless of the page you are visiting.
Distribution Method Downloaded directly from misleading Ads or installed alongside other programs.
Detection Tool

Keep in mind, SpyHunter is a malware detection tool. To remove the infection, you need to purchase the full version.
More information about SpyHunter and steps to uninstall.

ChumSearch Removal

Note: if you are a Mac user, you need to follow this guide:

How To Remove Ads on Mac

Readers are interested in:


Reboot in Safe Mode (use this guide if you don’t know how to do it).

This was the first preparation.


To remove parasite, you may have to meddle with system files and registries. Making a mistake and deleting the wrong thing may damage your system.
Avoid this by using SpyHunter - a professional Parasite removal tool.

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.

Reveal All Hidden Files and Folders.

  • Do not skip this – ChumSearch may have hidden some of its files.

Hold together the Start Key and R. Type appwiz.cpl –> OK.


You are now in the Control Panel. Look for suspicious entries. Uninstall it/them.

Type msconfig in the search field and hit enter. A window will pop-up:


Startup —> Uncheck entries that have “Unknown” as Manufacturer.


Hold the Start Key and R copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

hosts_opt (1)

If there are suspicious IPs below “Localhost” – write to us in the comments.


Right click on the browser’s shortcut —> Properties.

NOTE: We are showing Google Chrome, but you can do this for Firefox and IE (or Edge).


Properties —–> Shortcut. In Target, remove everything after .exe.

ie9-10_512x512 Remove ChumSearch from Internet Explorer:

Open IE, click IE GEAR —–> Manage Add-ons.

pic 3

Find the threat —> Disable. Go to IE GEAR —–> Internet Options —> change the URL to whatever you use (if hijacked) —> Apply.

firefox-512 Remove ChumSearch from Firefox:

Open Firefox, click mozilla menu ——-> Add-ons —-> Extensions.

pic 6

Find the Browser Redirect/malware —> Remove.
chrome-logo-transparent-backgroundRemove ChumSearch from Chrome:

Close Chrome. Navigate to:

C:/Users/!!!!USER NAME!!!!/AppData/Local/Google/Chrome/User Data. There is a Folder called “Default” inside:

Rename the Folder to Backup Default

Rename it to Backup Default. Restart Chrome.

  • At this point the threat is gone from Chrome, but complete the entire guide or it may reappear on a system reboot.


Press CTRL + SHIFT + ESC simultaneously. Go to the Processes Tab. Try to determine which ones are dangerous. Google them or ask us in the comments.


This is the most important and difficult part. If you delete the wrong file, it may damage your system irreversibly. If you can not do this,
>> Download SpyHunter - a professional parasite scanner and remover.

Keep in mind, SpyHunter’s malware detection tool is free. To remove the infection, you'll need to purchase its full version. More information about SpyHunter and steps to uninstall.

Right click on each of the problematic processes separately and select Open File Location. End the process after you open the folder, then delete the directories you were sent to.



Type Regedit in the windows search field and press Enter.

Inside, press CTRL and F together and type the threat’s Name. Right click and delete any entries you find with a similar name. If they don’t show this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

Remember to leave us a comment if you run into any trouble!

Was this guide helpful?