Remove "weknow.ac" Malware in Chrome?

Hi! I have pasted each one of the commands from your post in the terminal prompt and the first work fine but when I paste the last 3 and hit enter I get this message:

Domain (com.google.Chrome) not found.

Defaults have not been changed.

Is there anything I can do for this to remove this malware? Thank you!

Sorry, but where should I copy these new policy names? Once I've found it in the search engine inside chrome://policy/, if I click on the link in blue, it opens a page with a lot of technical info, but no place to copy it...

The following code line wise need to be copied and pasted in "Terminal" app available in your launch pad.

defaults write com.google.Chrome HomepageIsNewTabPage -bool false

defaults write com.google.Chrome NewTabPageLocation -string "https://www.google.com/"

defaults write com.google.Chrome HomepageLocation -string "https://www.google.com/"

defaults delete com.google.Chrome DefaultSearchProviderSearchURL

defaults delete com.google.Chrome DefaultSearchProviderNewTabURL

defaults delete com.google.Chrome DefaultSearchProviderName

You have to copy each and every line and then hit enter.

Everything worked out well after that, but, I like to have "New Tab Page" with recents and favourites being displayed, which is now displaying www.google.com when I hit the "+" to add new page. Except that every thing is good.

Appreciate if Skason can explain us how to get default New Tab Page in Chrome instead of www.google.com

THANK YOU! Apple support walked me through deleting WeKnow from Safari but after some tries, they could not get rid of it from Chrome. They gave me a Google number to call but unsurprisingly, I couldn't get through. Luckily I found your instructions and you've solved the problem!! Thank you.

Skanson... you are a genius!!!! THANK YOU! I was on the phone twice (two different people) with apple customer support and they couldn't fix it. Going into terminal, copy and pasting exactly what he posted, hitting enter in between each one, then hitting control AND the letter "O" at the same time saved the work in terminal and got rid of the WeKnow.ac browser.

"For Safari, there are a variety of techniques being used to change the settings. One is to add a bookmark and change Safari's settings to load "tabs for" that bookmark item at startup. This is easy to miss, since the homepage entry can be left untouched, making it appear that something is still installed if you're not observing carefully."

Please expound on this, I don't follow.

I deleted chrom and reinstalled. Weknow.ac still there.

Thanks1

for whatever reason the defaults delete instructions failed as not found - any thoughts?

defaults delete com.google.Chrome DefaultSearchProviderSearchURL

2018-12-20 15:15:03.547 defaults[1268:13178] 

Domain (com.google.Chrome) not found.

Defaults have not been changed.

I deleted Chrome MANY times. But what you have to do is go to Terminal app on your laptop (go to Spotlight search) and then copy and paste these lines.

defaults write com.google.Chrome HomepageIsNewTabPage -bool false

defaults write com.google.Chrome NewTabPageLocation -string "https://www.google.com/"

defaults write com.google.Chrome HomepageLocation -string "https://www.google.com/"

defaults delete com.google.Chrome DefaultSearchProviderSearchURL

defaults delete com.google.Chrome DefaultSearchProviderNewTabURL

defaults delete com.google.Chrome DefaultSearchProviderName

Restart Chrome. Works a treat!! I've had this problem for months to the point I just gave up using Chrome.

Just dealt with this for an hour or two. I feel like an idiot but I found that there is a zipped uninstaller available directly from the weknow people. From their search page, click on the FAQ icon at the bottom left. Scroll down and bingo. Took about a minute and a half and cleaned everything right up.

This is only thing that worked and is really simple. Just copy the full sentence over 6 times and hit enter each time. I tried everything else posted, called Geek quad two times and they removed and it reappeared, removed Goolge twice, then tried this and it worked. Wasted a day. Do this first.

Skanson!!!! You are the best!!

Thank you so much for the terminal commands, they worked PERFECTLY on any MacBook Air. I have uninstalled and re-installed Chrome what feels like a million times, deleted tons of "suspicious" files and folders, etc etc and nothing worked until I got the terminal instructions from you. THANK YOU SO MUCH!!!

if using terminal doesn't work for you. The problem is that now We Know Ac is set as an Admin for your MAC directly affecting your terminal and if you input something there, it will not work as We Know Ac blocks it. So:

1. Go to your system preferences (the settings of our MAC), and look for a profiles icon.

2. Click on there (since in a default mac that shouldn't be there).

3. Remove all of the Admin blocks found.

4. And boom, you have a chrome free of malware.

This video & comment section ultimately saved me https://www.youtube.com/watch?v=C0xRhWCX2Is&vl=en

Hi I'm still so confused I need help in the most layman explanation: I am opening terminal then entering the lines in your above post as follows, for example: "defaults write com.google.Chrome HomepageIsNewTabPage -bool false" What am i supposed to do next? Is that what you're saying to enter?

Can you please explain further how to do this step?

"You need to open the "Terminal" application (use the search functionality at the top-right to find it). Then copy and paste, one by one, the commands from my above post into the terminal prompt, hitting enter after pasting each."

I can't seem to get there....

Spent hours on this - this helped immediately. Not sure if some of the other stuff I did also helped, but doing this (deleting virus profiles) helped instantly. Still needed to go back and resent homepages, but now all good - YAY!!! Doesn't involve downloading anything extra.

https://blog.malwarebytes.com/threat-analysis/2018/04/new-crossrider-variant-installs-configuration-profiles-on-macs/